retakebr.com.br Open in urlscan Pro
2606:4700:3037::ac43:8bc3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://skinsgratiscsgo.com/
Effective URL:
https://retakebr.com.br/
Submission Tags: phishingrod
Submission: On June 10 via api (June 10th 2023, 12:05:06 pm UTC) from DE — Scanned from NL

Summary HTTP 150 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 20 domains to perform 150 HTTP transactions. The main IP is 2606:4700:3037::ac43:8bc3, located in United States and belongs to CLOUDFLARENET, US. The main domain is retakebr.com.br.
TLS certificate: Issued by GTS CA 1P5 on May 28th 2023. Valid for: 3 months.

This is the only time retakebr.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	2606:4700:303... 2606:4700:3037::ac43:8bc3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e6:... 2606:4700:e6::ac40:ca1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	() ()
2 2	3.126.192.167 3.126.192.167	() ()
6	142.250.185.226 142.250.185.226	() ()
1 1	151.101.194.49 151.101.194.49	() ()
1 1	35.190.0.66 35.190.0.66	() ()
2 2	213.155.156.168 213.155.156.168	() ()
1	178.250.1.9 178.250.1.9	() ()
2 2	37.157.4.29 37.157.4.29	() ()
150	20

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

skinsgratiscsgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2606:4700:3037::ac43:8bc3 (United States)

ASN13335 (CLOUDFLARENET, US)

retakebr.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e6::ac40:ca1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.192.167 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.226 (None, )

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (None, ) 1 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (None, ) 1 redirects

ASN- ()

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.29 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 127 tpc.googlesyndication.com — Cisco Umbrella Rank: 154	603 KB
41	retakebr.com.br retakebr.com.br	494 KB
18	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 121 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net	204 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	149 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	8 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	329 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3028 adservice.google.com — Cisco Umbrella Rank: 106 www.google.com — Cisco Umbrella Rank: 3	2 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1912 ka-f.fontawesome.com — Cisco Umbrella Rank: 3845	183 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	177 KB
2	adform.net 2 redirects c1.adform.net	1 KB
2	de17a.com 2 redirects d5p.de17a.com	653 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
1	criteo.com dis.criteo.com	363 B
1	travelaudience.com 1 redirects ads.travelaudience.com	554 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	538 B
1	quantserve.com cms.quantserve.com	463 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1086	608 B
1	google.nl www.google.nl — Cisco Umbrella Rank: 8124	408 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	88 KB
1	skinsgratiscsgo.com 1 redirects skinsgratiscsgo.com	448 B
150	20

	Domain	Requested by
41	retakebr.com.br	retakebr.com.br
31	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
18	pagead2.googlesyndication.com	retakebr.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net retakebr.com.br
8	www.gstatic.com	googleads.g.doubleclick.net
7	fonts.googleapis.com	googleads.g.doubleclick.net
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
4	ka-f.fontawesome.com	kit.fontawesome.com retakebr.com.br
4	cdnjs.cloudflare.com	retakebr.com.br cdnjs.cloudflare.com
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	pm.w55c.net	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	adservice.google.com	pagead2.googlesyndication.com
1	dis.criteo.com	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.nl	retakebr.com.br
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	kit.fontawesome.com	retakebr.com.br
1	www.googletagmanager.com	retakebr.com.br
1	skinsgratiscsgo.com	1 redirects
150	27

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
youtube.com
www.instagram.com
www.facebook.com
chat.whatsapp.com
t.me
www.twitch.tv

Subject Issuer	Validity	Valid
retakebr.com.br GTS CA 1P5	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.google.nl GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://retakebr.com.br/
Frame ID: 708107B1454D7CA8F245F12206C33D46
Requests: 65 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/zrt_lookup.html
Frame ID: 69961416C709328757DB0AC333E6F3C2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&adk=1812271804&adf=3025194257&lmt=1686364382&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fretakebr.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686398700182&bpp=8&bdt=634&idt=355&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7722061071390&frm=20&pv=2&ga_vid=511979164.1686398700&ga_sid=1686398701&ga_hid=1619152942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532277%2C42532279%2C31075178%2C44785295%2C44788441%2C44793497&oid=2&pvsid=3032227015024458&tmod=92699704&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=396
Frame ID: 4326EBB4CD7D430FA3BDDF669081BD09
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.2059847078~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686364382&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686398700190&bpp=3&bdt=642&idt=393&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7722061071390&frm=20&pv=1&ga_vid=511979164.1686398700&ga_sid=1686398701&ga_hid=1619152942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532277%2C42532279%2C31075178%2C44785295%2C44788441%2C44793497&oid=2&pvsid=3032227015024458&tmod=92699704&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CcmUiFVFkT&p=https%3A//retakebr.com.br&dtd=396
Frame ID: A8928CE6973590F81E7CB1CD13BD23DD
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1686364382&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686398701708&bpp=3&bdt=2159&idt=3&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1a529d28b501e276-220626ee57e10005%3AT%3D1686398700%3ART%3D1686398700%3AS%3DALNI_MbwhXke9ePaECedbBBWHNMu9nDIlg&gpic=UID%3D00000c467167425b%3AT%3D1686398700%3ART%3D1686398700%3AS%3DALNI_Ma4Pk2q-VF4MgznKDurs-Gjodbxgw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7722061071390&frm=20&pv=1&ga_vid=511979164.1686398700&ga_sid=1686398701&ga_hid=1619152942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532277%2C42532279%2C31075178%2C44785295%2C44788441%2C44793497&oid=2&psts=ABHeCvigC_2BiVmNR9agmup4n5s0HxF4EeQTomHQ-9VNU3aaLWF9TbMHB24OvajQ_GFNUWDioz1wqankdFHAg8SlZSZf2g&pvsid=3032227015024458&tmod=92699704&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rV4EONQWPa&p=https%3A//retakebr.com.br&dtd=40
Frame ID: 4B91C389738CD4A53DD1EE9C1EB39931
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: DAD186C81E2DB74B5B6B9D75D59AA93D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1
Frame ID: 075605EF16EF26366C9D2B930B92D87B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1
Frame ID: 268215E0C6333051111F2C2242BB339E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1
Frame ID: CC7CA0FC11BDF15D030B3B56B034EDEC
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1
Frame ID: A76F8B3CF31CC7F92C7D8241CCCC275C
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 44AD2424077E6959D38ED9AA17ED90C7
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C1E189E3E02E700B2FD9954FEF80126C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: 3C897AD3ECB2FD96CA69BD721F55C39E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: 5CED6FE4715CC88D4E5068D81972E506
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: 88F9BE71C15FEDD8A91455B711BCFCE3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: BE09CA7C2234C2A82822EE87AECF644F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: BE26899BDA8F8CDDA8AEB6EE2EDAD171
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D4C8007AB291BD4CAE8F186359992E95
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 33738224790564E0A3DDC2C36F5A11B3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Retakebr - Portal de Notícias de Counter Strike e Tutoriais CSGO

Page URL History Show full URLs

https://skinsgratiscsgo.com/ HTTP 301
https://retakebr.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

150
Requests

97 %
HTTPS

72 %
IPv6

20
Domains

27
Subdomains

20
IPs

3
Countries

2239 kB
Transfer

5456 kB
Size

15
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/RetakebrOficial

Search URL Search Domain Scan URL

URL: https://twitter.com/RetakebrOficial

Search URL Search Domain Scan URL

URL: https://youtube.com/@RetakebrOficial

Search URL Search Domain Scan URL

URL: https://www.instagram.com/RetakebrOficial/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/retakebr

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/KrkBiuBWUbF7NGpsijQAHP
Title: CSGO no Whats App

Search URL Search Domain Scan URL

URL: https://t.me/+Y6OHprQ6Kx4yYWZh
Title: Grupo no Telegram

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/retakebroficial

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://skinsgratiscsgo.com/ HTTP 301
https://retakebr.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 139

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMx6TZOtVzDM4wkO9KmsX-E&google_cver=1&google_push=ATf1kGMQUhtYvn0Sgw8fwUiQT5hLEBPbR5ogDmcUSEcq96UcDg5jS44yen1mX15fNXsTnp06WdzJ7QPPoiwqhikAnuIlH591ZTwQU3E HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMx6TZOtVzDM4wkO9KmsX-E&google_cver=1&google_push=ATf1kGMQUhtYvn0Sgw8fwUiQT5hLEBPbR5ogDmcUSEcq96UcDg5jS44yen1mX15fNXsTnp06WdzJ7QPPoiwqhikAnuIlH591ZTwQU3E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b2FmZnJUQmcxUTdYbDQ1&google_gid=CAESEMx6TZOtVzDM4wkO9KmsX-E&google_cver=1&google_push=ATf1kGMQUhtYvn0Sgw8fwUiQT5hLEBPbR5ogDmcUSEcq96UcDg5jS44yen1mX15fNXsTnp06WdzJ7QPPoiwqhikAnuIlH591ZTwQU3E

Request Chain 140

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKr-NdB-LAJ1SlXcgLaqRdc&google_cver=1&google_push=ATf1kGM_QliNaR4fQriWrZo8bUix4rN1XXjacdUyWeRMi43jDw7x_H_3KJgAgPqRAAiSFn-2TV3enYb1x84mDLA-woE2tHL-g5G5B5w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKr-NdB-LAJ1SlXcgLaqRdc&google_push=ATf1kGM_QliNaR4fQriWrZo8bUix4rN1XXjacdUyWeRMi43jDw7x_H_3KJgAgPqRAAiSFn-2TV3enYb1x84mDLA-woE2tHL-g5G5B5w

Request Chain 141

https://ads.travelaudience.com/google_pixel?google_gid=CAESEM0kS1QBGgdCFV27jkmMPLQ&google_cver=1&google_push=ATf1kGO4nah7U4A7LyKF3uznUacIS9C53Vh4J0httcL7Bt2iRfDS2EwNxlZ3-wv0oOtPWL4ONoCSnwvpvxv9ID94z99PKQbaKOU5Mds HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uMrbqroTT2mFMQ8qYPnL2w2&google_push=ATf1kGO4nah7U4A7LyKF3uznUacIS9C53Vh4J0httcL7Bt2iRfDS2EwNxlZ3-wv0oOtPWL4ONoCSnwvpvxv9ID94z99PKQbaKOU5Mds

Request Chain 142

https://d5p.de17a.com/cookies/google?google_gid=CAESEDEvDeM8ZqMy9k33ipmwudY&google_cver=1&google_push=ATf1kGPH70zLMdMFTTOnhxnKdANOpBgYaPsaXaNSU9_SGw89UVbHZ36jqlF7EhwCi2_N-gz9aJqdbVGMCh_aSaCjBXaJS_TOcew5Vew HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDEvDeM8ZqMy9k33ipmwudY&google_cver=1&google_push=ATf1kGPH70zLMdMFTTOnhxnKdANOpBgYaPsaXaNSU9_SGw89UVbHZ36jqlF7EhwCi2_N-gz9aJqdbVGMCh_aSaCjBXaJS_TOcew5Vew HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPH70zLMdMFTTOnhxnKdANOpBgYaPsaXaNSU9_SGw89UVbHZ36jqlF7EhwCi2_N-gz9aJqdbVGMCh_aSaCjBXaJS_TOcew5Vew

Request Chain 144

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELsJ1gSe5EeP24yLnN98wfo&google_cver=1&google_push=ATf1kGPQjaNbfaj5WcyzkjrVxTZoD1DUN_9yOXVMLsw-E2z74sGBNAO7PL6M7P4RgckuD6AfLH0_GwZyXUb7L9G-f9dyEyG-CY9aca0 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELsJ1gSe5EeP24yLnN98wfo&google_cver=1&google_push=ATf1kGPQjaNbfaj5WcyzkjrVxTZoD1DUN_9yOXVMLsw-E2z74sGBNAO7PL6M7P4RgckuD6AfLH0_GwZyXUb7L9G-f9dyEyG-CY9aca0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk3Mzc2NDg3ODM2NjI5NDkyNQ&google_push=ATf1kGPQjaNbfaj5WcyzkjrVxTZoD1DUN_9yOXVMLsw-E2z74sGBNAO7PL6M7P4RgckuD6AfLH0_GwZyXUb7L9G-f9dyEyG-CY9aca0

150 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
retakebr.com.br/
Redirect Chain

https://skinsgratiscsgo.com/
https://retakebr.com.br/

147 KB
20 KB

623ms
345ms

Document
text/html

2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eca15b8922fb25711a4c90119bed1a91fbf129d7fa6b89415e43acecc8d12d4e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=300
cf-cache-status: EXPIRED
cf-ray: 7d517ade1e96b97a-AMS
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 10 Jun 2023 12:04:59 GMT
expires: Sat, 10 Jun 2023 02:33:02 GMT
last-modified: Sat, 10 Jun 2023 02:33:02 GMT
link: <https://retakebr.com.br/wp-json/>; rel="https://api.w.org/" <https://retakebr.com.br/wp-json/wp/v2/pages/145>; rel="alternate"; type="application/json" <https://retakebr.com.br/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
platform: hostinger
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dESlbpORhlfKt9BC%2BEf7CjvopFo0hIjAjnYwbWeTuCK2T4%2BXAKOqnlATjiS570xvHNhThPZrVlwFbe7aJb%2BxQMaB7Qr2wh89EXFIALqkoegLXvVTCipnd3oIAOq5RY8D9WngjJO39%2BFe3SHzgtQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
x-litespeed-cache: hit
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 7d517adc2bbf0a68-AMS
date: Sat, 10 Jun 2023 12:04:58 GMT
expires: Sat, 10 Jun 2023 13:04:58 GMT
location: https://retakebr.com.br/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6RwlaxunTq9otH5TuXaX0OnkuyS3l1CjkW0gbkwGTSKybbVjIQqLbPN4L5E6msfdmooDquRdIBmrLkDRScCOfAWMafAWeoKkwTEGSKhk5vd4LYnoeb8jzXuHfa13ssRT2%2BoK7W1fiYy68XaSuM9oxoq"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style.min.css
retakebr.com.br/wp-includes/css/dist/block-library/ 95 KB
13 KB 54ms
52ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-includes/css/dist/block-library/style.min.css?ver=e56b18bb81fb799a6c980decfa793be2

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:04:59 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17736
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Mar 2023 02:08:15 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yiHzo4iFq4ARY6C7MUM%2BxjwnBQjN16u5xsUGEnu6Z4yXvooqoQCFUNQsHY9t5eSWbbsE5Xf6XKn5P2Xa6wmpebxqo%2BGwFFsrZ7yJYsI75upR8uCtMm56nGKg%2FelsUHrm2bjPKJY0Wtya8TlM45I%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d517ae058afb97a-AMS
expires: Mon, 10 Jul 2023 07:09:23 GMT

GET
H2 200 classic-themes.min.css
retakebr.com.br/wp-includes/css/ 291 B
522 B 52ms
50ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-includes/css/classic-themes.min.css?ver=e56b18bb81fb799a6c980decfa793be2

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:04:59 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17736
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Mar 2023 02:08:15 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kzgco%2Ffh2wRWdeIOXJ0JpwfQzU4Bpvt2qM8eClr8zES%2FgXjU9oWuwRadKFiVzVFc81UJzG0oDwBqNSP%2BINTJK9idFMxs0PqEoaUxswj1YKcCv4RiE4MeiFTID1WAOxCW6mrvz5CEqowJL9Yr1PU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d517ae058b0b97a-AMS
expires: Mon, 10 Jul 2023 07:09:23 GMT

GET
H2 200 aces-style.css
retakebr.com.br/wp-content/plugins/aces/css/ 94 KB
11 KB 37ms
35ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/plugins/aces/css/aces-style.css?ver=3.0.2

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eba13b7c4c968c8dadceece567382a3e6c9acaf68d961d0f90ab5f31347534e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:04:59 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17736
cf-polished: origSize=123073
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 27 Mar 2023 19:27:00 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gbzz4ihiTO1ZrS6fHDLhVyDAMeZ%2BAPdncs1u09kBzi7VHFnYr%2BoWkbI5prWGVD3mt568tEZ61EAJ8xwTG3K9mKwGS4yBS1z5vWTW7RLAwR%2FGTXEoeXSA67E6aew6%2FeC5gUkE7e3EOn8Pjx1skYo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d517ae058b1b97a-AMS
expires: Mon, 10 Jul 2023 07:09:23 GMT

GET
H2 200 aces-media.css
retakebr.com.br/wp-content/plugins/aces/css/ 44 KB
4 KB 47ms
46ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/plugins/aces/css/aces-media.css?ver=3.0.2

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07545caaf9707de642e908cbfe3197e4ccfe99b88162aa3913c7e85f59191de2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:04:59 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17736
cf-polished: origSize=57778
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 27 Mar 2023 19:27:00 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2FYmAnygk2DHCX%2FDVOWhGbMkdAGxFt8MIhf2TWfaflSOaPzj0dydMIr5YE3ijTjHkFLgohqzys5FAIHS6018rvz%2BKqLniosQRNsTpGQc0JgJeIcMj%2BOQVDe2nk8sILbxA1BLWBpieaM2Giookfg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d517ae058b2b97a-AMS
expires: Mon, 10 Jul 2023 07:09:23 GMT

GET
H2 200 owl.carousel.min.css
retakebr.com.br/wp-content/themes/mercury/css/ 3 KB
1 KB 47ms
45ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/themes/mercury/css/owl.carousel.min.css?ver=2.3.4

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:04:59 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17736
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Mar 2023 19:26:50 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6pHOO%2BSRt3e9QCkjuJ7Uzm0XtBFQiIDPXm7ck%2BaIR%2Fv3cJ4w2pbncDa3k0lpviiQWuL07r7qQyP0KWogn4HupjZFayu61gKbH%2FU92vodSwG0NMKrqN%2B%2Fxh2lGspO7jXfZNkM9BHzS%2FsAXha6DQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d517ae058b3b97a-AMS
expires: Mon, 10 Jul 2023 07:09:23 GMT

GET
H2 200 animate.css
retakebr.com.br/wp-content/themes/mercury/css/ 55 KB
5 KB 43ms
42ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/themes/mercury/css/animate.css?ver=2.3.4

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6de242265cf0c8ac812427bcfafd48416f1deebf9164d4185be216b6d3081cea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:04:59 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17736
cf-polished: origSize=73029
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 27 Mar 2023 19:26:50 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7KAjCl7unJpeONKO3G2l5S4mj0bl1LhL%2BbFIBtr1nTgQR0j4lwp2YEDV6I6hHIVhujgBGvfWKWDmfW8ohjsBKzQr0nRGZsL4QhFnLe3%2FSSUh90FFawTvvfnuKpRKrW31FRL4WBiEcxJWRrixmqs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d517ae058b4b97a-AMS
expires: Mon, 10 Jul 2023 07:09:23 GMT

GET
H2 200 style.css
retakebr.com.br/wp-content/themes/mercury-child/ 30 B
570 B 52ms
51ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/themes/mercury-child/style.css?ver=3.9.3

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb626d44b2d3d3176c26616eaca12cbc52e9cfe88b708d90a08b9e66f5f8630a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:04:59 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17736
cf-polished: origSize=244
alt-svc: h3=":443"; ma=86400
content-length: 30
cf-bgj: minify
last-modified: Tue, 04 Apr 2023 03:10:26 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9obeu%2Bg3QyijhWVUBSbx%2BMyYAegSDvNANFZB0AcCk2oF34EVBiWOjOGtqHeoRJhQWYURgZGH%2F2INBQvYcmQzItssqB9rMtPpd0ckFe%2Ba%2Ba1kxnOwMno1Y7eXC4fdEd2D2noZynPvPXSDPj%2BDf0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae058b5b97a-AMS
expires: Mon, 10 Jul 2023 07:09:23 GMT

GET
H2 200 media.css
retakebr.com.br/wp-content/themes/mercury/css/ 32 KB
4 KB 53ms
52ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/themes/mercury/css/media.css?ver=3.9.3

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43876c523ee036ff6d78a4b8dd69f8be38b6d1d73347d55f0bb2d6453b1b7489

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:04:59 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17736
cf-polished: origSize=46386
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 27 Mar 2023 19:26:50 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTMhBBPrq%2BYQhy1g1rTQgv24sdyqwm40ltNZU5N8RsXtGqMVO6MEg8VPxwKTsSVb6ujz2THmNMQLZ89xu9SlkFpDTrBZ50jiHtqvkJk7uc5d4lD2OL712ulgqzMG35V%2FrOLKEgaNqZcgcUmsNzg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d517ae058b6b97a-AMS
expires: Mon, 10 Jul 2023 07:09:23 GMT

GET
H2 200 default.css
retakebr.com.br/wp-content/plugins/tablepress/css/build/ 6 KB
3 KB 52ms
51ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/plugins/tablepress/css/build/default.css?ver=2.1.4

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98088166c358ebc80bb1a7ebb26faf17dea6872bb185489bfeed6e295d020874

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:04:59 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17736
cf-polished: origSize=6087
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 05 Jun 2023 18:58:11 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfQPEox5WRTw14%2FgFtr757MBSnlwuwq2OG%2FLGpEDIYiv7XvCPlUU3q5pfXkSPC77CqWVa7VYMwFA6Iq0LHYDMJ9v8K2ewdP1NUmclJ2ZDa7D%2FPxbJvXJgmltmqI2%2B%2BPQb8VQPgPppCLeaNYCkZk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d517ae058b7b97a-AMS
expires: Mon, 10 Jul 2023 07:09:23 GMT

GET
H2 200 front.min.css
retakebr.com.br/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 50ms
49ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/plugins/cookie-notice/css/front.min.css?ver=e56b18bb81fb799a6c980decfa793be2

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:04:59 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17736
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Mar 2023 14:56:06 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQNud3g5oFigEngpRVM2sRULx843mnGgj8M%2B3BDaBv5ZvPk814UldT9eltH%2Fc7zVpOVeM4yf1RxPuR1KBrLSt86GXj429Yi2vhbgBWBohXI%2B93R1%2BS5%2FZCMpJa5dkcVyW4llgiq6rh6ze%2FBAmQc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d517ae058b8b97a-AMS
expires: Mon, 10 Jul 2023 07:09:23 GMT

GET
H3 200 jquery.min.js Show response
retakebr.com.br/wp-includes/js/jquery/ 88 KB
32 KB 39ms
38ms Script
application/x-javascript 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.4

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:04:59 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31501
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Mar 2023 02:08:13 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j73XhBG2%2BNm12TwmiVMpRIowuUK8nGp7juInJwGZ9AnJcqH6rhCvzhilo0yNMCrTsH9Q4xudczP2RhrT1kSRAz9%2BADNNCd2EUnot0RhF0zF5G6%2BAHQBtwSeTkVybtH%2FWWqCduDgPRY%2FEJebr7TQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d517ae139f10a59-AMS
expires: Sun, 09 Jun 2024 09:19:58 GMT

GET
H3 200 jquery-migrate.min.js Show response
retakebr.com.br/wp-includes/js/jquery/ 13 KB
5 KB 34ms
34ms Script
application/x-javascript 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:04:59 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39807
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Mar 2023 02:08:13 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DP0qyzg6Y3BIrA7xM6X%2BrqOq4IfAFZWc5DoI45G28zcxEDBKN6yHndlE95uAqEPOOnhm%2BoA2nXyPJo3w8xBPamVAzUmNZs9a%2BVKz95m2gUYjogbwsOc03AFJfpXOxHgMJABg9hI%2FHfP0Z%2BhUV1Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d517ae1aa6a0a59-AMS
expires: Sun, 09 Jun 2024 07:01:32 GMT

GET
H3 200 front.min.js Show response
retakebr.com.br/wp-content/plugins/cookie-notice/js/ 8 KB
3 KB 39ms
38ms Script
application/x-javascript 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.8

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:04:59 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39807
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Mar 2023 14:56:06 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMIpn%2BMbuVX4TIC%2B7eGXshYOy3zyHhQKXiCX0xOub6LUE42PAHqQ3%2FHpT1RCL6uANXK5a22jNaFYE8NS6t%2BhmFkbQJZQWhV9v%2Bv1F0cJSZihn3psKbtZzTQ%2FziQOAsRwJoc07UaDP0cRflsaDhY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d517ae1eab50a59-AMS
expires: Sun, 09 Jun 2024 07:01:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
88 KB 124ms
48ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DY10Q8W48M

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ff435ed58b8422cbf16969d4e71ed46146124e9de87899e7503e501d9163b37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:04:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89957
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 10 Jun 2023 12:04:59 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
47 KB 168ms
92ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3637999307044405

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61dc598ccb792f2dd7fc9f16131c367c2a6e09945ad4937930b157f6fc7c833c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Origin: https://retakebr.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48072
x-xss-protection: 0
server: cafe
etag: 4764202738919732380
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 10 Jun 2023 12:05:00 GMT

GET
H3 200 retakebr-banner-1024x256.webp
retakebr.com.br/wp-content/uploads/2023/04/ 18 KB
19 KB 344ms
342ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/04/retakebr-banner-1024x256.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

756de73dc6eb6c5c7f71a906ddc4e66109aed9d56312c92c18a880ce0fe7e86a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 18904
last-modified: Tue, 04 Apr 2023 00:46:14 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3kThjAAQkHuMLx8aHqLbfXz0V4Et9CFMoH0BR%2BsN1BDCIf9DDbGpzM8WlQ%2FruPE9h%2F150G%2FNws%2B7TUUOKhI%2Fwy1WMkTwXCKGzg6BFtXLuiq%2Fr9KoNNfmpsvSvOWktv6RVl116WCrGxyZjM1WBo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae2fbf70a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 58 KB
11 KB 91ms
35ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:04:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 925734
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10480
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60510736-e7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bgpWi7FMtvYQVRyTc7Npn9%2FaJyJQhV28P%2FklBNRA3pr69OzqL9pcudZIXo%2Fyrdaowh9GYcmUtLlEUEs7hy0y1g6%2FtOzy6VXGmYBwqqjXOanhX9U6EB2vVAO29%2FeWsj%2B9NdBgqIOstWAkI7oTsahjomPN"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d517ae10844b908-AMS
expires: Thu, 30 May 2024 12:04:59 GMT

GET
H3 200 theia-sticky-sidebar.min.js Show response
retakebr.com.br/wp-content/themes/mercury/js/ 5 KB
2 KB 35ms
33ms Script
application/x-javascript 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/themes/mercury/js/theia-sticky-sidebar.min.js?ver=1.7.0

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c7fe9f4b7e2cbaeadf56a93f537dfe760444ddbc081a7d12aa5c97c98cafce9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45987
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Mar 2023 19:26:50 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9reFmNDzmI2bLtPDtU%2FQuNZlFinfD6VJQHP%2BBU4YDUSXJrL57PNb7JbtgrKr9SkqueSfdq0%2Bi2Lgw9FxZvTwHtEFd0STgSDxNK8Km2nn3Hnu9Phb3QZ18y7kj2N%2BlZT42zMW8uMYReIWi1QrtiM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d517ae2fbf80a59-AMS
expires: Sun, 09 Jun 2024 05:18:33 GMT

GET
H3 200 enable-sticky-sidebar.js Show response
retakebr.com.br/wp-content/themes/mercury/js/ 154 B
725 B 38ms
36ms Script
application/x-javascript 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/themes/mercury/js/enable-sticky-sidebar.js?ver=3.9.3

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24834ede2021cd5e7283d2a952c6718c6fffd165d8ab9df907f4222a113429b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39808
cf-polished: origSize=163
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 27 Mar 2023 19:26:50 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25cCSTCzcP2lHXRnewPD2kWR9YOlHCy%2BQNlS%2BDM2JAM8GWbGeWaPbEYijGPVJCaH2lSOqg1StOtXhCZ4Rr03k%2BM3kxjtLWtwSKgvdCW8r%2F4mS%2FEhcS8ie7NDueTUVl0oLl34kCLJ3xqh4fhUcsM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d517ae2fbf90a59-AMS
expires: Sun, 09 Jun 2024 07:01:32 GMT

GET
H3 200 owl.carousel.min.js Show response
retakebr.com.br/wp-content/themes/mercury/js/ 43 KB
12 KB 39ms
37ms Script
application/x-javascript 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/themes/mercury/js/owl.carousel.min.js?ver=2.3.4

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39808
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Mar 2023 19:26:50 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s84F2ANiJ6eoKhq6Jc%2FlpdAA7Jy4MiE4j7677IagZmmL5xCOW%2Byjb3TQEhMriULrYN8MPPbrldm26QnG0W3zGBuBigoSpVweZnwDL22riTzUlBO1GG9kW0iOn%2FmPLbfgod3yuK0DIdLVDOMjhA8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d517ae2fbfa0a59-AMS
expires: Sun, 09 Jun 2024 07:01:32 GMT

GET
H3 200 scripts.js Show response
retakebr.com.br/wp-content/themes/mercury/js/ 2 KB
1 KB 38ms
36ms Script
application/x-javascript 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/themes/mercury/js/scripts.js?ver=3.9.3

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d9f78e62b4aac470f7f556dd4a64ba9ecac44c9d7d2a77c2e6110af3a965e73

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45987
cf-polished: origSize=3189
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 27 Mar 2023 19:26:50 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FjJ1kay0y14fy7jn6ewFQp3psfYnOiGKvSqhAnNvzK9DfPdsVrFa%2FYqrhYJG2VRsLCRhgkSi%2BckEuQjXWkWvT7hWA8ueRzTsKmSPbaIKHhsNxl7oWmgZsTjTj9TSEAB2XMXPVueMIq8ekovpzI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d517ae2fbfc0a59-AMS
expires: Sun, 09 Jun 2024 05:18:33 GMT

GET
H2 200 23b8c66013.js Show response
kit.fontawesome.com/ 11 KB
5 KB 115ms
51ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/23b8c66013.js?ver=5.15.4

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d96e5791bf2085cfec1ecb5cba8616fa17945043ddb16e9733c76b7f4a69ecc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7d517ae35b770e9c-AMS
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F2VUbND0Y4zYEQUAAO1C

GET
H2 200 style.css
retakebr.com.br/wp-content/themes/mercury/ 102 KB
15 KB 338ms
338ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/themes/mercury/style.css

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/wp-content/themes/mercury-child/style.css?ver=3.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7a6484d1d091d289e949e33fd65472c22e145f2420dc3f6a003810d1c0412b1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/wp-content/themes/mercury-child/style.css?ver=3.9.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:04:59 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Mar 2023 19:26:50 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDtUJBWTp84yobs0qf1Ra5KCvyTGvxvQCh760IyVZRF5b6qPUElPOarNNCcbr2NC5bJ%2BDmokc%2BuY8i070oocgfP1w3R2WlmzDgAVGTsfDUc5SqHiX6C%2BgJTtcqDaKna9ZKSfvt%2FtynAuGdUlGQ8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d517ae0a903b97a-AMS
expires: Mon, 10 Jul 2023 12:04:59 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 75 KB
76 KB 117ms
83ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de698f771f908f6249a14b16e6c5e46c7bb7fd7477be0d48253a6c27481eb7e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin: https://retakebr.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 324593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 76764
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60510736-12bdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1N8xUMu7IBP39S%2FIcRKcPL7ICQnHNkhLcutTc1vKLnD4HwRq7miT9AhQT9YAqrXri0YF6S42ZBGE8mw2RLAQNitM1dY%2F7bZKjmFkJgw8hYl%2FqHNPgQItQ%2B5YqUNmdrzK0wC%2BGvIlPCBr4dHj9NBK%2BpSU"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d517ae35d430a48-AMS
expires: Thu, 30 May 2024 12:05:00 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 76 KB
77 KB 65ms
31ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin: https://retakebr.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 328863
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78196
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60510736-13174"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FS50CBwqKWpyarN2hOXegcO8Fqy0TdPAYFNDn5PLJxoq0aT1oXZBZneQMRr4c1wYqOuZXv2rpraxgehAQ%2F%2B3sRUkW4bR%2FalxoH0u%2FR4BMiYKl1ZBqCtWShXIMdgkl1CGydoK67cqTxQLUyZc1xH%2BaErd"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d517ae35d480a48-AMS
expires: Thu, 30 May 2024 12:05:00 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 13 KB
14 KB 166ms
134ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f0fefab783abd19bc1b6c4f9dedd620764d243d141165603c77bb5152c231c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin: https://retakebr.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9189340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13276
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60510736-33dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxeNTaHX%2FMkG8qtv5skqae%2FrilBKih49SdqpT9UhZY64xzeUaQu50YVA%2F6saAGc23NgSjq1StruMZA32OCRs8DRP0HbE1jRDjWuc7z8d6zOWhEpnOmv%2BY9XFXcihorhqZlG0kts48JZQ4tr7gO0p2A%2BG"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d517ae35d4a0a48-AMS
expires: Thu, 30 May 2024 12:05:00 GMT

GET
H3 200 counter-strike-2-beta-disponivel-segunda-onda-jogadores-450x450.webp
retakebr.com.br/wp-content/uploads/2023/06/ 11 KB
11 KB 240ms
239ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/06/counter-strike-2-beta-disponivel-segunda-onda-jogadores-450x450.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71ff14481da19165757eff1d2f3fa6c3ed0898b8d6402e545f6312c14b06bf7f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 11190
last-modified: Sat, 10 Jun 2023 01:58:11 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLTPN5Z9VT7HUF0bImmdVnnFgW8Kdt9vBobFNxgNMKud98pjHUrj%2FDNTwdYjEf27W6jMTM59z%2BH5jwrryGFIy4lUEHbbVswzX8DyZaA%2BpB6Gg%2FYRiC087%2FzpJura%2F%2Fir6xVfWcxoUdjbVfIqw1Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39cba0a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 imperial-vence-col-blast-finals-450x450.webp
retakebr.com.br/wp-content/uploads/2023/06/ 17 KB
17 KB 341ms
335ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/06/imperial-vence-col-blast-finals-450x450.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c77ff24ff88a8239cc67a70bc064e43a6b7b2532ece0505912bd2b965e4b705

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 17142
last-modified: Fri, 09 Jun 2023 18:54:48 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3HjNN51wkpSf3quRN7i9OX6VbOEpIKRNlegpcs9CBwegaqEDWjzcvSQdMGzprc4snA1SjDFdLWAgwHG0bgjwCBu%2BCMakDZuR3GET%2Ffwsps7OT%2F%2F6EgVinlMweJbIIE%2FzoX9tXFxkXQH9t8306g%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39cc50a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 g2-vence-imperial-blast-pring-final-450x450.webp
retakebr.com.br/wp-content/uploads/2023/06/ 17 KB
18 KB 399ms
392ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/06/g2-vence-imperial-blast-pring-final-450x450.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40be6fd743dbf7720ec19c7a0636862f0f7e5ac8fc5565798638958f7c9bb427

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 17508
last-modified: Fri, 09 Jun 2023 16:09:06 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqEvKS1mdKLlm%2B1ChHPjx6e%2BO4rIOUj7e4rtjL4RP%2BWLTpsUz%2FQUp3VOIVpUH84vQDYS5cwDH2MRBBEKJfj%2BaPOqoNZRuGGoSv1F0DupgV64xUAc97FtkcwO2XVTR%2BvEMI6wv4p9PSwKM75bQVk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39cc70a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 imperial-atropela-vitality-blast-premier-2023-450x450.webp
retakebr.com.br/wp-content/uploads/2023/06/ 15 KB
16 KB 384ms
377ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/06/imperial-atropela-vitality-blast-premier-2023-450x450.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1218c28a3390f8f3b1215b31747fcd4e6e4bd9b7e974a19b7b3564bc413ca179

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 15790
last-modified: Wed, 07 Jun 2023 16:29:23 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXVr5Yqm6TfPVQDUgXMM2ShtHPO6Ijb5Kg68C3KRgka4slJ2ul5YLcM%2Fj82sBixTzjS9xsNK5m1elNLK1LNygf5NQ8hCZxOygypM2OFXFa5KaN49r9aUrwOtOhh8Op2hIJHo0%2Fyz%2Ff0J%2Fc2wX34%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39cc80a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 blast-premier-spring-final-2023-capa-450x450.webp
retakebr.com.br/wp-content/uploads/2023/06/ 18 KB
19 KB 345ms
339ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/06/blast-premier-spring-final-2023-capa-450x450.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76b1b4ecded06fd84581ef74d49e5cf0f124816605adc9f08a222aa07cb960e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 18838
last-modified: Wed, 07 Jun 2023 22:22:41 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YH4u5dT%2F%2BzUoolSIuD8403gXHhEpX%2FAbA95IGHuUxUBib63rz1EqzJpdsuOiRmMQTLMnLuABKTOOieWOPy7IvdZc%2BwlRZyru9z3zSYDPf8KQgQKl%2FKDuOqJ6bFIJzCqYxFj%2FRwpJZbjcZs9rgu4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39cc90a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 ence-iem-dallas-2023-450x450.webp
retakebr.com.br/wp-content/uploads/2023/06/ 21 KB
22 KB 376ms
371ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/06/ence-iem-dallas-2023-450x450.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f60b88d280f49193a4ce290da4af5c0abdadc8646b7abb8108152195d26941c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 21760
last-modified: Mon, 05 Jun 2023 21:17:02 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXRnNRbsU45ObCP26cP3R4vHLsGsSQZmAqkidWmEWuXwcYquP%2FkK52vHHBrEnQHOvKz%2BRK8kUckjb99GEcUlVZ5Mje%2F3WewSoJ9JlY6ZpAiasPslKdhXoZ7lcFIdva9h%2BUi2KK6X%2FdemWrBv9dE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39cca0a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 Imperial-vence-final-bpl-14-450x450.webp
retakebr.com.br/wp-content/uploads/2023/06/ 15 KB
15 KB 378ms
372ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/06/Imperial-vence-final-bpl-14-450x450.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe19169bb3f483233ed8454d176b3da5e00f81ba3f9e7e49e3ff767aa4d91f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 15052
last-modified: Sun, 04 Jun 2023 20:40:31 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPVHXUrmkShHSZ18buQsIT%2FIQbt%2B%2FnGyJkIkjn66PxWNpxX7zNhvGDkWyFe5B2HD41RPi5C2ngZlPP%2F0dbSS2wJubHcMtpixAE9D5ht7CCqZ%2FkYm4kBVyF5%2BDEwE%2F07fTK2eQIJbrbZO9gfzBvc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39ccb0a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 ence-vence-mouz-final-iem-dallas-450x450.webp
retakebr.com.br/wp-content/uploads/2023/06/ 14 KB
14 KB 340ms
338ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/06/ence-vence-mouz-final-iem-dallas-450x450.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd7d56015c6fac16ea0a36153125d4a99cfa4fbca302f6b6eccc4cead076d73

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 14044
last-modified: Sun, 04 Jun 2023 20:03:30 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEA%2Bjsag2fIeXAwpstmrkVuORAnzAFuGNrqBJUkNHS60OFGTLm65Z6%2FKINGQK1AIeX%2BSf5%2FGrMNqY5QKI0PuSb0x7ovTGyk7i8TXDHseR%2B9m3LAE1eJC%2B3fz%2BYBbOO7153x7MgWqMgkr9znKh4s%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39ccc0a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 ence-vence-faze-iem-dallas-2023-450x450.webp
retakebr.com.br/wp-content/uploads/2023/06/ 14 KB
14 KB 396ms
394ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/06/ence-vence-faze-iem-dallas-2023-450x450.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6fa6ffc627d01125cc6a94d9978cf77a6068cface7573dbee1ecb3e30bc8ea6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 14120
last-modified: Sun, 04 Jun 2023 17:32:23 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKnio57fruV74cYs2ov42rGo7sUXdLLmqs%2Ftpzfu1ukEJQH0Ym42lJOWWpbJNxzWIJH%2BAHVwAl%2BSZLc5h3mBN1yiBCRppTFT2G7TusZHeUfwiuV4nVtvu6oolkmj0TulhJ4J9O2m5EyNvqyAyZM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39cce0a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 como-aumentar-som-passos-cs-go-450x338.webp
retakebr.com.br/wp-content/uploads/2023/04/ 25 KB
25 KB 397ms
395ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/04/como-aumentar-som-passos-cs-go-450x338.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b944d9cb4994adb53037b8db6236c81f01cf625887764529fd46a36d8b72d6e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 25410
last-modified: Sun, 30 Apr 2023 21:01:15 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1aJAZp0Q58pM1HswzdqMfSwSRr6src8tiS8Cz0OEXf0OanIoda5w4vrkYpk19EUXJTD2pCq0xerCQKlcbi4%2BHjW36N3YmEFUiqYeOYEbNbxAKonrgUrUnbsgciFPT0VgUd%2Fg4R3mj9wSQ0gvNw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39ccf0a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 como-trocar-microfone-no-csgo-sem-alterar-no-windows-450x338.webp
retakebr.com.br/wp-content/uploads/2023/01/ 26 KB
26 KB 399ms
397ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/01/como-trocar-microfone-no-csgo-sem-alterar-no-windows-450x338.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90d7576832821a0cf5e65e08e3a6929066acbb9acbdec4738dec82ee3d6982eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 26522
last-modified: Thu, 13 Apr 2023 22:13:41 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7j4%2BeUonBCgbq7YzAWjxhRhZZAk83tBXG8bvdPb1lMzXAFkBsCTtZcpt92pD5zYV%2FZ6qjMmSidHBF%2F7K0ewLRClZdWgKVonIJjKZyVG%2FC7aqxAGRX4xmI3Kf6E50d4ySXDTrzAh7ubi9HnulRwI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39cd20a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 aumentar-volume-microfone-time-no-csgo-450x338.webp
retakebr.com.br/wp-content/uploads/2023/03/ 18 KB
19 KB 375ms
374ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/03/aumentar-volume-microfone-time-no-csgo-450x338.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

483726921f3750500b585e5aa13db1ec1a46147ad86d06fbc6b2350eb72b3703

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 18738
last-modified: Fri, 21 Apr 2023 16:37:37 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ta5oEBXs6dHQ9H%2B1uJqCrhLtv0qW8fl%2FjSLy0NA7sOSqxDvv1We1G%2F7HGDE36xGqCI228fkvHneXxx6rfB%2BeRy%2B8HHFc0sq5PWRI4NBGsU3p26jSNNtdGNJX3jMsCfI9PPr8mA63wOuVEVx%2FPws%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39cd50a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 desligar-musica-csgo.webp
retakebr.com.br/wp-content/uploads/2023/01/ 8 KB
8 KB 242ms
241ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/01/desligar-musica-csgo.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bf77546bc9628aa693ac5ea212bf8b326821fe39959d50bda9f9d045f5e5c6c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7680
last-modified: Mon, 23 Jan 2023 21:36:23 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1Q8E8%2BV%2BLp%2Ft%2FnF%2FDFGvmwpighFRLlxARpkUIg9DAPzkq0zBOoQoUrVztMLT9e1LF5IGl39BArlOX9jkUsePyw3XeIIpFPkeT8wS3E1kzzKvrtFa1Ss658cxQhTxYeRRfBbSGXfQ%2Bm9LMdDYLM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39cd70a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 audio-background-csgo.webp
retakebr.com.br/wp-content/uploads/2023/01/ 8 KB
8 KB 258ms
257ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/01/audio-background-csgo.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71f45fa39b9e00c82913d3a7a044af7536baba93519cc84ccfd346c4895cb2f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7788
last-modified: Mon, 16 Jan 2023 23:19:59 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhHJKfjlNghAZsG84ZdFiXq9xWuf%2Fyn8B2xh6O8bWHxCp8xnbnZleszMO12Gw7CJ7M%2BD9OrLy0yFShRN3WhGqBwJyOgI2DXsvGWxQ6iC%2FDN75CXsTg0LcM4wNGeYFuqiz4aPs%2BESLz9Jm9iHz%2BU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39cd80a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 falar-cs-go-mudar-tecla.webp
retakebr.com.br/wp-content/uploads/2022/09/ 7 KB
7 KB 273ms
272ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2022/09/falar-cs-go-mudar-tecla.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05d34e3820421019e1d3b4ad2ba7d03f0a0a74f94664f4393cc07730c8f7abbb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6932
last-modified: Sun, 15 Jan 2023 18:08:36 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDMcdkdrVcOUbLfenZci8uixFbl9dqVyS%2BtGCzJR2N7D0idlju6v0oQQkY9mgMM6jclRomMy8LwRHh99mEXTqSUEK65XCxWTQ%2BgAxvZ3%2F7EkcnGgKfIzZH572yEg3nyrMYi%2B57P11imiu1qUapE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39cd90a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 soltar-bang-pular-csgo.webp
retakebr.com.br/wp-content/uploads/2023/03/ 31 KB
32 KB 370ms
369ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/03/soltar-bang-pular-csgo.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de6b6cb1a984b0e3418ec8185b8ad7df7c97ea54897f2061da48e9e972f5562d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 32140
last-modified: Sat, 18 Mar 2023 20:02:54 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5S43Yt0iP3BOQsfrZfKRHwR4yWL2ogOZDNA%2BqqX6DkVu7eiajEM1oI%2BMr2NzczOuwaARpLjIeo%2B9k5TkeDRGb1o8XMcq00agBfaV0g%2BeXSEftQ6FcVSOgqzryApEvPRXvG99yNfosR3L%2FeC5rc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39cda0a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 como-salvar-executar-cfg-csgo-450x338.webp
retakebr.com.br/wp-content/uploads/2023/03/ 18 KB
18 KB 420ms
418ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/03/como-salvar-executar-cfg-csgo-450x338.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcea90dfd1c1d7d57e77b5317974a45b1856500e8d786e4b847298fd59ca1024

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 18026
last-modified: Thu, 04 May 2023 02:43:33 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IuB%2BC7RBqkuLsxxDYA6hrytKb2xpvXR8%2FNp%2BCt5ijVv%2FV4e1TDfVx3VZ1YDfl1iIxya6wuJqAgA9Eira%2FfLrJzoDhbnsUoFMGrOALHTM7YQCi1uKgx%2FkVHJ%2F0OPqMCxSBiaUfr1fS70OZ%2BQXtk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39cdb0a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 comando-auto-kick-cs-go.webp
retakebr.com.br/wp-content/uploads/2023/01/ 8 KB
9 KB 273ms
272ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/01/comando-auto-kick-cs-go.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2df9f992edf7d3f27925721d4a1a36948fff0ae353161cd6dc2bf1c36c9b091f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8594
last-modified: Wed, 18 Jan 2023 04:35:54 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auC2PaXSe00znfRVAtWrrvbR9b72DWXJhNlkJvwEsW3W%2FTaVloz1ROqLm3ybjrjJgRuo44IAe%2FB90xIXXf6LSPaPRI7XJnmlQlQkF68i14P4nNbnn2gqztqL7%2F4Bw%2BDZTqnetWQVsHMnboLXZLw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39cdd0a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 alterar-posicao-arma-cs-go.webp
retakebr.com.br/wp-content/uploads/2023/01/ 17 KB
18 KB 422ms
421ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/01/alterar-posicao-arma-cs-go.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fcc2befcec256bcdd3d1eeabca1b401002665ddb249e467cbd7fbcc0eaa4bfe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 17884
last-modified: Fri, 13 Jan 2023 21:44:29 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUhFm8MLm5N5WyubV%2BoHzqzDHpYgHcYjhzayTvZjLpB8SpGL2bKG8P65QMjme23ApAsjgejDLfJx3pRKio8i81zjPmt%2FZmB%2B20f%2BGTGy4LqZv1pT2YT7y%2BDnn8BNYdYQ4WQkgzeHI%2FKIzKYIwmE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39cdf0a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 alterar-mira-csgo.webp
retakebr.com.br/wp-content/uploads/2022/11/ 7 KB
8 KB 283ms
282ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2022/11/alterar-mira-csgo.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d95d227b9bd0dd83e85e3d500df081df39b06ede70693bf1d6947b00f510a4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7204
last-modified: Tue, 17 Jan 2023 00:11:43 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtHxpkNn5Ll9c7Z4iNNG7kDDkls9D6FkoKuNUzid6edV588nHphst%2FqyAe3oDuP%2F2yp7Xm7pL981gdD6pV2wpTD%2BuExOErFTAEgfLReE2SRGGfJ%2B5yYB8U68JbGBpzPfQlNonVf%2BVLvVzq3HHjw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39ce00a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

GET
H3 200 aprenda-ativar-comandos-faca-csgo-450x338.webp
retakebr.com.br/wp-content/uploads/2022/10/ 15 KB
15 KB 423ms
422ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2022/10/aprenda-ativar-comandos-faca-csgo-450x338.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4478b0cc063a5f2d2a75a157441109535f517fbaadf2040b80899eb3b3e9c697

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 15218
last-modified: Sun, 30 Apr 2023 12:12:47 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOJlmMv3KogiYhrmvfZ5mmXlWTvaP4G30crJ0ghw8%2FVfeOORxefU%2BeiDBQk1Y%2ByCfyW%2BlfVUVMm2YA%2B%2BSQj7RXrF2tPq1EuwTHLXtrdK22G2shyaSOmZN8%2BT48cLuG%2F%2BtKHoV9utc2BEjoaoXiY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d517ae39ce10a59-AMS
expires: Sun, 09 Jun 2024 12:05:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
245 B 93ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DY10Q8W48M&gtm=45je3671&_p=1619152942&_gaz=1&cid=511979164.1686398700&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686398700&sct=1&seg=0&dl=https%3A%2F%2Fretakebr.com.br%2F&dt=Retakebr%20-%20Portal%20de%20Not%C3%ADcias%20de%20Counter%20Strike%20e%20Tutoriais%20CSGO&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DY10Q8W48M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 12:05:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://retakebr.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 112ms
39ms Ping
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DY10Q8W48M&cid=511979164.1686398700&gtm=45je3671&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DY10Q8W48M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 12:05:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://retakebr.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 127ms
45ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DY10Q8W48M&cid=511979164.1686398700&gtm=45je3671&aip=1&z=136117484

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 12:05:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 96ms
37ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=23b8c66013
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/23b8c66013.js?ver=5.15.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
via: 1.1 db3ad39d2b444e5c9e38affc6638a5cc.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
age: 20608
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERzgiMMdyEaFiP1PtAhZhVD%2BZNvu43YvyCTDZcC%2FYv2c4cHNgQeA8h9les4XsFmgpVsXg86FqAwFHCwqq%2BMfk4OrtrvRkAHxyTgqI4TsgKQdaThsbB%2FOWEBkMEa50LtuSvSPCSbHst0mPB%2BN3m4jjukG0w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7d517ae44ff61b06-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 8rnik_-RO2Q4VEUKq2GeCd4b7IM-yUiN5uEoqRhTo5W24jXWYwph4A==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/ 352 KB
118 KB 243ms
112ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br&bust=31075178

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3637999307044405

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cbe16d1fe4e7c7a3b1b4ac38c7bd340add8a6043489d617ec465aecb28fcef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120859
x-xss-protection: 0
server: cafe
etag: 11405888859556331088
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Jun 2023 12:05:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/ Frame 6996 10 KB
5 KB 202ms
53ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3637999307044405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 20384
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 06:25:16 GMT
etag: 15057649708203361565
expires: Sat, 24 Jun 2023 06:25:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
75 KB 60ms
42ms Font
font/woff2 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by: Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer: https://retakebr.com.br/
Origin: https://retakebr.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
via: 1.1 2d8216898001f8ce3fde38c8796d2fa6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
age: 20608
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 76736
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tm2NYaQGuBVG3cuOH1Qg1tePOwYOQ0UmB3KeZOtn5RypHlhIJSWwSk%2FijuYDz9iVomseTLspA12a8vseJx536M1OFDYeDqfl%2B5A8raM9XLGKivtHdjE8kVC%2Bm1UTP7R4hVbSeSpJKHr0YwTYAX7wZRJuBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7d517ae4c8781b06-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: rACdhs5kiVv-ObVgSGEg9x2oTETIsCXe4krhHoKk9CKtj5Wwv3twiA==

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 86ms
68ms Font
font/woff2 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by: Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer: https://retakebr.com.br/
Origin: https://retakebr.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
via: 1.1 acc5f68eb88a8e6d59815a0246ec23f0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
age: 20608
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 78168
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJlK4MqbCfi6SF%2BxE2eAtw5nmcQZFMjlLwNDUkC2m%2BoFCQjcToNDzLg2u1X6ObAetESAoKkyIvGVkaCdAXIvb4jP%2FQjB0x%2FNmQ4oQ6n%2BPCAm%2BIasveE8idgWOzsGQJfkrTlUiwUFjSw38rbw6zdkl2fASA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7d517ae4c8791b06-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: iZsEnIvMXuoYjiFVRyMd0EGJTOKAI9CIz0lDCiE4_DADQs1vCwA53g==

GET
H2 200 free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 13 KB
13 KB 73ms
67ms Font
font/woff2 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-regular-400.woff2
Requested by: Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b

Request headers

Referer: https://retakebr.com.br/
Origin: https://retakebr.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
via: 1.1 c38563a65534cacc21516bd5450b0818.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
age: 20608
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 13216
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "b8f1c6a3a94d42b082c29f0b1db8ba95"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S09O389dtBH5o66bc%2BnrHxdpg9ovzueBgAiepq%2FYiMS9%2BP%2BUPwPSnaKYLRNF0PUZkOfYNHiuU639Id2KEN6q7G6N%2BFRqdW3YJwX8k3vi6E3Qst0k8kd0HQ6uxbhDiUBas8u8t2mdjIpdpFRODzaeMmmeWw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7d517ae4c87f1b06-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: n2Lm7hIduJ0NnysbpFaBy8i7rwDYj0zZ7cD6MPs4F-Rn1zhlEdsvHA==

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 72ms
70ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3637999307044405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://retakebr.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
608 B 196ms
88ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=retakebr.com.br&callback=_gfp_s_&client=ca-pub-3637999307044405

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br&bust=31075178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a76f52a7ebf56ee46f0ad4cf8014144514659b1d3c39fbde611464f76b8691c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 122ms
43ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=retakebr.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4326 595 KB
105 KB 840ms
840ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&adk=1812271804&adf=3025194257&lmt=1686364382&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fretakebr.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686398700182&bpp=8&bdt=634&idt=355&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7722061071390&frm=20&pv=2&ga_vid=511979164.1686398700&ga_sid=1686398701&ga_hid=1619152942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532277%2C42532279%2C31075178%2C44785295%2C44788441%2C44793497&oid=2&pvsid=3032227015024458&tmod=92699704&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=396

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ce19d6c2ca481b194cfe906d3322f19fd9e1250bbba8eeb32c83cc4e744feb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 106996
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 12:05:01 GMT
expires: Sat, 10 Jun 2023 12:05:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A892 110 KB
36 KB 504ms
503ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.2059847078~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686364382&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686398700190&bpp=3&bdt=642&idt=393&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7722061071390&frm=20&pv=1&ga_vid=511979164.1686398700&ga_sid=1686398701&ga_hid=1619152942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532277%2C42532279%2C31075178%2C44785295%2C44788441%2C44793497&oid=2&pvsid=3032227015024458&tmod=92699704&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CcmUiFVFkT&p=https%3A//retakebr.com.br&dtd=396

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d25872fe4bcc82c881a13faeaaae9088d7e0029f8f370f88dbe1757c646e804b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36967
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 12:05:01 GMT
expires: Sat, 10 Jun 2023 12:05:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame A892 14 KB
2 KB 154ms
63ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.2059847078~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686364382&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686398700190&bpp=3&bdt=642&idt=393&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7722061071390&frm=20&pv=1&ga_vid=511979164.1686398700&ga_sid=1686398701&ga_hid=1619152942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532277%2C42532279%2C31075178%2C44785295%2C44788441%2C44793497&oid=2&pvsid=3032227015024458&tmod=92699704&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CcmUiFVFkT&p=https%3A//retakebr.com.br&dtd=396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 10 Jun 2023 12:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 10 Jun 2023 10:34:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jun 2023 12:05:01 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame A892 2 KB
973 B 133ms
52ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:38:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:38:28 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A892 0
0 81ms
80ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4UOt7GaEZJvtJ4yViQa74qyoDfa_hcJuvqyapMMP2tkeEAEgtITxVmCRhKCFjBigAee3oJUDyAEJqQKgKRlQwQiyPqgDAcgDywSqBPMBT9BQxOMCyfYBlCoIjG2Oc10cAFSya0tkMLc-TFehX7ts74gXO1Ad9wXPu4AwXhOjnU_VUbgJMyEwPiEGf2-HMxPprjwadjUXFno6PqMQSA80CgFjFyq6iwmqLrdjUTeEMzqvBCXMhIIybudMFbhP2P4MYaw_xOB9T4XnyJ8_e4rM_vQgDGgWDlU4F0KTSbil_gle2KT1EzMaOPiUPGMOHgGeQnm0XW-DYvcnfFllQZsY4V7ZWN_Qn6vbeWMTW5z5bmGIVtbR6fDLIWV1MJgxZOvd1mMsImjvkKxFoG0myEYa7ks0WJAi9btnhoT-kL2iyRO-wASB3u634QOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHgcjfaqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKLHB9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw2IFAPQFQGAFwGyFxwKGggAEhRwdWItMzYzNzk5OTMwNzA0NDQwNRgA&sigh=A4NUgfX_d_A&uach_m=[UACH]&cid=CAQSGwBygQiDlyhkMFZHXUBHX6WMJOK-b5MTX3_7IxgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.2059847078~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1686364382&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686398700190&bpp=3&bdt=642&idt=393&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7722061071390&frm=20&pv=1&ga_vid=511979164.1686398700&ga_sid=1686398701&ga_hid=1619152942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532277%2C42532279%2C31075178%2C44785295%2C44788441%2C44793497&oid=2&pvsid=3032227015024458&tmod=92699704&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CcmUiFVFkT&p=https%3A//retakebr.com.br&dtd=396
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 10 Jun 2023 12:05:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 10 Jun 2023 12:05:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame A892 23 KB
9 KB 132ms
52ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 17960421598201694375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:37:37 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame A892 3 KB
1 KB 136ms
56ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 08:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13740
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 08:16:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame A892 20 KB
8 KB 128ms
49ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:38:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A892 175 KB
55 KB 279ms
53ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Jun 2023 12:05:01 GMT

GET
H2 200 d955217a3c39fa1d48035534c1a62142.js Show response
www.gstatic.com/mysidia/ Frame A892 32 KB
14 KB 130ms
47ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d955217a3c39fa1d48035534c1a62142.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 23:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13662
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 22:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 23:08:54 GMT

GET
H2 200 3514131790483889263
tpc.googlesyndication.com/simgad/4658326007729482721/ Frame A892 66 KB
67 KB 129ms
74ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4658326007729482721/3514131790483889263?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7aac6cb063f6eea470ce9386d28967a1fe8afa5882f240b7984ccf78e2f1a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 22:57:22 GMT
x-content-type-options: nosniff
age: 306459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67913
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 19:11:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Jun 2024 22:57:22 GMT

GET
DATA 200
OK truncated
/ Frame A892 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A892 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A892 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60e84f9f08b11353a6182f336a7141b9f0631d7ddd0a932de9345801f1d574c9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/ 153 KB
52 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/reactive_library_fy2021.js?bust=31075178

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a4e38ceaea4f1574989a15921411f633512d75213dfaf9fa456bb911cdebcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53127
x-xss-protection: 0
server: cafe
etag: 14829495263592361911
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Jun 2023 12:05:01 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame A892 33 KB
34 KB 149ms
52ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 320144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 19:09:17 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 49ms
42ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=retakebr.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4B91 114 KB
38 KB 544ms
536ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1686364382&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686398701708&bpp=3&bdt=2159&idt=3&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1a529d28b501e276-220626ee57e10005%3AT%3D1686398700%3ART%3D1686398700%3AS%3DALNI_MbwhXke9ePaECedbBBWHNMu9nDIlg&gpic=UID%3D00000c467167425b%3AT%3D1686398700%3ART%3D1686398700%3AS%3DALNI_Ma4Pk2q-VF4MgznKDurs-Gjodbxgw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7722061071390&frm=20&pv=1&ga_vid=511979164.1686398700&ga_sid=1686398701&ga_hid=1619152942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532277%2C42532279%2C31075178%2C44785295%2C44788441%2C44793497&oid=2&psts=ABHeCvigC_2BiVmNR9agmup4n5s0HxF4EeQTomHQ-9VNU3aaLWF9TbMHB24OvajQ_GFNUWDioz1wqankdFHAg8SlZSZf2g&pvsid=3032227015024458&tmod=92699704&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rV4EONQWPa&p=https%3A//retakebr.com.br&dtd=40

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63e06cf7457c15a76da6fce9e1da3a459048918d3340845dd8573c97ab553a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 39135
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 12:05:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame DAD1 37 KB
14 KB 94ms
33ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 10:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jun 2024 10:54:01 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/ Frame 0756 10 KB
4 KB 40ms
32ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 20104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 06:29:58 GMT
etag: 15057649708203361565
expires: Sat, 24 Jun 2023 06:29:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/ Frame 2682 10 KB
4 KB 37ms
33ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 20104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 06:29:58 GMT
etag: 15057649708203361565
expires: Sat, 24 Jun 2023 06:29:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/ Frame CC7C 10 KB
4 KB 35ms
33ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 20104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 06:29:58 GMT
etag: 15057649708203361565
expires: Sat, 24 Jun 2023 06:29:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/ Frame A76F 10 KB
4 KB 38ms
36ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 20104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 06:29:58 GMT
etag: 15057649708203361565
expires: Sat, 24 Jun 2023 06:29:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 72ms
72ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br&bust=31075178
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://retakebr.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 css2
fonts.googleapis.com/ Frame 0756 4 KB
767 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 10 Jun 2023 12:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 10 Jun 2023 10:40:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jun 2023 12:05:02 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0756 205 B
520 B 36ms
34ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 08:44:26 GMT
x-content-type-options: nosniff
age: 12036
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 09 Jun 2024 08:44:26 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0756 604 B
695 B 36ms
35ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 19:46:09 GMT
x-content-type-options: nosniff
age: 58733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 08 Jun 2024 19:46:09 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/elements/html/ Frame 0756 20 KB
8 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f39d54e71a3c475b8a65cdcdd903b249e8b8a4538f6c8f0b1f8b3c34a093302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 02:10:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8493
x-xss-protection: 0
server: cafe
etag: 12780958209750988066
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 02:10:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2682 6 KB
779 B 42ms
40ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 10 Jun 2023 12:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 10 Jun 2023 10:40:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jun 2023 12:05:02 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 2682 2 KB
892 B 33ms
33ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:38:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:38:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 2682 23 KB
9 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 17960421598201694375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:37:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 2682 3 KB
1 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 08:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 08:16:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 2682 20 KB
8 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:38:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2682 175 KB
55 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Jun 2023 12:05:02 GMT

GET
H2 200 d955217a3c39fa1d48035534c1a62142.js Show response
www.gstatic.com/mysidia/ Frame 2682 32 KB
13 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d955217a3c39fa1d48035534c1a62142.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 23:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13662
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 22:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 23:08:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CC7C 6 KB
779 B 46ms
44ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 10 Jun 2023 12:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 10 Jun 2023 10:40:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jun 2023 12:05:02 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame CC7C 2 KB
892 B 48ms
48ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:38:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:38:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame CC7C 23 KB
9 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 17960421598201694375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:37:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame CC7C 3 KB
1 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 08:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 08:16:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame CC7C 20 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:38:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC7C 175 KB
55 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Jun 2023 12:05:02 GMT

GET
H2 200 d955217a3c39fa1d48035534c1a62142.js Show response
www.gstatic.com/mysidia/ Frame CC7C 32 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d955217a3c39fa1d48035534c1a62142.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 23:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13662
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 22:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 23:08:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A76F 14 KB
1 KB 44ms
43ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 10 Jun 2023 12:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 10 Jun 2023 10:40:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jun 2023 12:05:02 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame A76F 2 KB
892 B 50ms
49ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:38:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:38:28 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A76F 0
0 79ms
78ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjHmV7GaEZN2iKYXvj-8P_LiC8A32v4XCbr6smqTDD9rZHhABILSE8VZgkYSghYwYoAHnt6CVA8gBCakCoCkZUMEIsj6oAwHIA8sEqgT5AU_QPSHWYBjuhrWbFHW2xR1gT_qLVG0uSUtU_C3tqpci538ypOnmfEDJno-tyu_pk6BkaI6TMyirE79cd7kRryJTLALgjmT6_UNoGbDhCRG2ButOw7nP5pPYqkAtSdoDq46nffOwnyWvSndeUIRVLMXLxYXIo_Iioqte6WPw488tb0XiUiIXOeMaH96MC6_-IHuUvCcWUS9wmPsGMsVzXUdztdTg37x7vbSlfe7gYci2UPLbeykymlWql7Anj5OKfXYr2gnL7rJ7a50vBPFa5NlQkUPisCmej9S9-jLN3uR4cdJvXdWxfPf25TtmunfM4GUrSfOeumVOOMAEgd7ut-EDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4HI32qoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDMtgPSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMNiBQD0BUBgBcBshccChoIABIUcHViLTM2Mzc5OTkzMDcwNDQ0MDUYAA&sigh=2bSsKEOnuy8&uach_m=[UACH]&cid=CAQSGwBygQiDzMYuIis__DYWfNWQSSOVqoe5oLtpoxgB&template_id=5000

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 10 Jun 2023 12:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame A76F 23 KB
9 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 17960421598201694375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:37:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame A76F 3 KB
1 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 08:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 08:16:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame A76F 20 KB
8 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:38:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A76F 175 KB
55 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Jun 2023 12:05:02 GMT

GET
H2 200 d955217a3c39fa1d48035534c1a62142.js Show response
www.gstatic.com/mysidia/ Frame A76F 32 KB
13 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d955217a3c39fa1d48035534c1a62142.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 23:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13662
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 22:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 23:08:54 GMT

GET
H3 200 3514131790483889263
tpc.googlesyndication.com/simgad/4658326007729482721/ Frame A76F 31 KB
31 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4658326007729482721/3514131790483889263?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6ce2f3c8ed1e2d2ab1706a053fbc1c76a6e92f9d614a502499493877c628e39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 21:12:45 GMT
x-content-type-options: nosniff
age: 399137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31823
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 19:11:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jun 2024 21:12:45 GMT

GET
DATA 200
OK truncated
/ Frame A76F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A76F 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame 44AD 14 KB
1 KB 53ms
51ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 10 Jun 2023 12:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 10 Jun 2023 10:44:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jun 2023 12:05:02 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 44AD 2 KB
892 B 34ms
33ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:38:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:38:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 44AD 23 KB
9 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 17960421598201694375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:37:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 44AD 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 08:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 08:16:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 44AD 20 KB
8 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:38:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44AD 175 KB
55 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Jun 2023 12:05:02 GMT

GET
H3 200 d955217a3c39fa1d48035534c1a62142.js Show response
www.gstatic.com/mysidia/ Frame 44AD 32 KB
13 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d955217a3c39fa1d48035534c1a62142.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 23:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13662
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 22:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 23:08:54 GMT

GET
DATA 200
OK truncated
/ Frame A76F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2597571c2c717160444166a250ca8048b31c4421fdb0713fb3292cc623740cd6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 4B91 14 KB
1 KB 65ms
45ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1686364382&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686398701708&bpp=3&bdt=2159&idt=3&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1a529d28b501e276-220626ee57e10005%3AT%3D1686398700%3ART%3D1686398700%3AS%3DALNI_MbwhXke9ePaECedbBBWHNMu9nDIlg&gpic=UID%3D00000c467167425b%3AT%3D1686398700%3ART%3D1686398700%3AS%3DALNI_Ma4Pk2q-VF4MgznKDurs-Gjodbxgw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7722061071390&frm=20&pv=1&ga_vid=511979164.1686398700&ga_sid=1686398701&ga_hid=1619152942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532277%2C42532279%2C31075178%2C44785295%2C44788441%2C44793497&oid=2&psts=ABHeCvigC_2BiVmNR9agmup4n5s0HxF4EeQTomHQ-9VNU3aaLWF9TbMHB24OvajQ_GFNUWDioz1wqankdFHAg8SlZSZf2g&pvsid=3032227015024458&tmod=92699704&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rV4EONQWPa&p=https%3A//retakebr.com.br&dtd=40

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 10 Jun 2023 12:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 10 Jun 2023 10:42:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jun 2023 12:05:02 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 4B91 2 KB
892 B 55ms
36ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:38:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:38:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 4B91 23 KB
9 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 17960421598201694375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:37:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 4B91 3 KB
1 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 08:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 08:16:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 4B91 20 KB
8 KB 55ms
36ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 00:38:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4B91 0
0 141ms
56ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTjuwlT4Lv8yAbGc3zdy3HoXpJHhOZXDiyq6R9cvwcct3Q9qGJXFQa0Ibj_ScmUfdYsETHYQjTMzeMtRwHZYTlQLmXlrg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1686364382&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686398701708&bpp=3&bdt=2159&idt=3&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1a529d28b501e276-220626ee57e10005%3AT%3D1686398700%3ART%3D1686398700%3AS%3DALNI_MbwhXke9ePaECedbBBWHNMu9nDIlg&gpic=UID%3D00000c467167425b%3AT%3D1686398700%3ART%3D1686398700%3AS%3DALNI_Ma4Pk2q-VF4MgznKDurs-Gjodbxgw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7722061071390&frm=20&pv=1&ga_vid=511979164.1686398700&ga_sid=1686398701&ga_hid=1619152942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532277%2C42532279%2C31075178%2C44785295%2C44788441%2C44793497&oid=2&psts=ABHeCvigC_2BiVmNR9agmup4n5s0HxF4EeQTomHQ-9VNU3aaLWF9TbMHB24OvajQ_GFNUWDioz1wqankdFHAg8SlZSZf2g&pvsid=3032227015024458&tmod=92699704&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rV4EONQWPa&p=https%3A//retakebr.com.br&dtd=40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B91 175 KB
55 KB 54ms
51ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Jun 2023 12:05:02 GMT

GET
H3 200 d955217a3c39fa1d48035534c1a62142.js Show response
www.gstatic.com/mysidia/ Frame 4B91 32 KB
13 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d955217a3c39fa1d48035534c1a62142.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 23:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13662
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 22:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 23:08:54 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4B91 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcVhP7WaEZIGEM_yI-cAP2OGXsAP2v4XCbuHUp7jxD9rZHhABILSE8VZgkYSghYwYoAHnt6CVA8gBCakCoCkZUMEIsj6oAwHIA8sEqgTzAU_Quop2pwDefKIqalTwJ6RGy9jd7q00nzcE7zJyk7LcTyleMQyLJ4ZTJjokoIBLK_uBe-q1GFwqnr5ETcC9_riOe0xnpVtU0eWZrbR2yUFycSei_3QGQl9Tp15tNu0NOIIb9TudPcK-IqYfA2Bd6okm_gm-WV_2-A9JubSbSVV74xXafGZZorLVKcm84rEqJ4puZfXsdewLJuNE3-BAl6m_uFmQpR3zgfYw8T3Qp60x-fBhq8TUlqpFcSErF3F1W5Aszq3FIU91F9WDubWq1SLdR-f-BcB6kWxtcMoHf9Nj-1mCXUa6EacdOwk2h4lb-_XLLsAEgd7ut-EDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4HI32qoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxD-J9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw2IFAPQFQGAFwGyFxwKGggAEhRwdWItMzYzNzk5OTMwNzA0NDQwNRgA&sigh=nQHu2akRSvg&uach_m=[UACH]&cid=CAQSOwBygQiDhkuIHNkuL1MQQL2tDf-lVdTKRhO4jDnDYZ0jrFaxV34eR8Hu-AkUBu14USRMJOtne6WNfvMNGAE&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1686364382&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686398701708&bpp=3&bdt=2159&idt=3&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1a529d28b501e276-220626ee57e10005%3AT%3D1686398700%3ART%3D1686398700%3AS%3DALNI_MbwhXke9ePaECedbBBWHNMu9nDIlg&gpic=UID%3D00000c467167425b%3AT%3D1686398700%3ART%3D1686398700%3AS%3DALNI_Ma4Pk2q-VF4MgznKDurs-Gjodbxgw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7722061071390&frm=20&pv=1&ga_vid=511979164.1686398700&ga_sid=1686398701&ga_hid=1619152942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532277%2C42532279%2C31075178%2C44785295%2C44788441%2C44793497&oid=2&psts=ABHeCvigC_2BiVmNR9agmup4n5s0HxF4EeQTomHQ-9VNU3aaLWF9TbMHB24OvajQ_GFNUWDioz1wqankdFHAg8SlZSZf2g&pvsid=3032227015024458&tmod=92699704&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rV4EONQWPa&p=https%3A//retakebr.com.br&dtd=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 10 Jun 2023 12:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9411314677150886406/ Frame 4B91 43 KB
43 KB 37ms
34ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9411314677150886406/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7a6afe949f02c51c23f8fea1b7a2fe404d55265ab44e87b71de83b0d977c06f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 21:08:29 GMT
x-content-type-options: nosniff
age: 53793
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43843
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 12:25:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Jun 2024 21:08:29 GMT

GET
DATA 200
OK truncated
/ Frame 4B91 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4B91 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C1E1 1 KB
643 B 39ms
33ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 81952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Sat, 10 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C89 37 KB
14 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 10:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jun 2024 10:54:01 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 5CED 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 10:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jun 2024 10:54:01 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 88F9 37 KB
14 KB 37ms
34ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 10:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jun 2024 10:54:01 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame BE09 37 KB
14 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 10:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jun 2024 10:54:01 GMT

GET
DATA 200
OK truncated
/ Frame 4B91 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f339e6d9a27792f9107b854ff30b0e60a9e188b75ed37e3cfce59d289b6348d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame C1E1 35 B
463 B 202ms
45ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMGQKs2cvYSnNsQgik2sgvE&google_cver=1&google_push=ATf1kGNZ5mnegaQtx-0T5i1PJxjQ8IR_SK7t8nrgEDvs8zZm9jO9iAS8VsyjLMAFsxvDweaIgRbRzlgkH6yBryk-Q5vU7MugfE97PA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 12:05:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C1E1
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMx6TZOtVzDM4wkO9KmsX-E&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMx6TZOtVzDM4wkO9KmsX-E&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b2FmZnJUQmcxUTdYbDQ1&google_gid=CAESEMx6TZOtVzDM4wkO9KmsX-E&google_cver=1&google_push=ATf1kGMQUhtYvn0Sgw8fwUiQT5hLEBPbR5ogDmcUSEcq96U...

170 B
232 B

44ms
42ms

Image
image/png

142.250.185.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b2FmZnJUQmcxUTdYbDQ1&google_gid=CAESEMx6TZOtVzDM4wkO9KmsX-E&google_cver=1&google_push=ATf1kGMQUhtYvn0Sgw8fwUiQT5hLEBPbR5ogDmcUSEcq96UcDg5jS44yen1mX15fNXsTnp06WdzJ7QPPoiwqhikAnuIlH591ZTwQU3E

Protocol

Server

142.250.185.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 12:05:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 10 Jun 2023 12:05:02 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-778-gc59cb35#rel-ec2-master i-0fc821fa68431abd4@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b2FmZnJUQmcxUTdYbDQ1&google_gid=CAESEMx6TZOtVzDM4wkO9KmsX-E&google_cver=1&google_push=ATf1kGMQUhtYvn0Sgw8fwUiQT5hLEBPbR5ogDmcUSEcq96UcDg5jS44yen1mX15fNXsTnp06WdzJ7QPPoiwqhikAnuIlH591ZTwQU3E
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C1E1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKr-NdB-LAJ1SlXcgLaqRdc&google_push=ATf1kGM_QliNaR4fQriWrZo8bUix4rN1XXjacdUyWeRMi43jDw7x_H_3KJ...

170 B
232 B

55ms
41ms

Image
image/png

142.250.185.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKr-NdB-LAJ1SlXcgLaqRdc&google_push=ATf1kGM_QliNaR4fQriWrZo8bUix4rN1XXjacdUyWeRMi43jDw7x_H_3KJgAgPqRAAiSFn-2TV3enYb1x84mDLA-woE2tHL-g5G5B5w

Protocol

Server

142.250.185.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 12:05:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ams21028-AMS
pragma: no-cache
date: Sat, 10 Jun 2023 12:05:02 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1686398703.779042,VS0,VE84
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKr-NdB-LAJ1SlXcgLaqRdc&google_push=ATf1kGM_QliNaR4fQriWrZo8bUix4rN1XXjacdUyWeRMi43jDw7x_H_3KJgAgPqRAAiSFn-2TV3enYb1x84mDLA-woE2tHL-g5G5B5w
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C1E1
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEM0kS1QBGgdCFV27jkmMPLQ&google_cver=1&google_push=ATf1kGO4nah7U4A7LyKF3uznUacIS9C53Vh4J0httcL7Bt2iRfDS2EwNxlZ3-wv0oOtPWL4ONoCSnwvpvxv9ID94...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uMrbqroTT2mFMQ8qYPnL2w2&google_push=ATf1kGO4nah7U4A7LyKF3uznUacIS9C53Vh4J0httcL7Bt2iRfDS2EwNxlZ3-wv0oOtPWL4ONoCSnwvpvxv9ID94z99PKQbaKOU5Mds

170 B
329 B

54ms
40ms

Image
image/png

142.250.185.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uMrbqroTT2mFMQ8qYPnL2w2&google_push=ATf1kGO4nah7U4A7LyKF3uznUacIS9C53Vh4J0httcL7Bt2iRfDS2EwNxlZ3-wv0oOtPWL4ONoCSnwvpvxv9ID94z99PKQbaKOU5Mds

Protocol

Server

142.250.185.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 12:05:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 10 Jun 2023 12:05:02 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uMrbqroTT2mFMQ8qYPnL2w2&google_push=ATf1kGO4nah7U4A7LyKF3uznUacIS9C53Vh4J0httcL7Bt2iRfDS2EwNxlZ3-wv0oOtPWL4ONoCSnwvpvxv9ID94z99PKQbaKOU5Mds
x-host: tde-deliveryengine-production-768c8bf7ff-n8s65
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C1E1
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDEvDeM8ZqMy9k33ipmwudY&google_cver=1&google_push=ATf1kGPH70zLMdMFTTOnhxnKdANOpBgYaPsaXaNSU9_SGw89UVbHZ36jqlF7EhwCi2_N-gz9aJqdbVGMCh_aSaCjBXaJS_T...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDEvDeM8ZqMy9k33ipmwudY&google_cver=1&google_push=ATf1kGPH70zLMdMFTTOnhxnKdANOpBgYaPsaXaNSU9_SGw89UVbHZ36jqlF7EhwCi2_N-gz9aJqdbVGMCh_aSaCjBXaJS...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPH70zLMdMFTTOnhxnKdANOpBgYaPsaXaNSU9_SGw89UVbHZ36jqlF7EhwCi2_N-gz9aJqdbVGMCh_aSaCjBXaJS_TOcew5Vew

170 B
232 B

43ms
42ms

Image
image/png

142.250.185.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPH70zLMdMFTTOnhxnKdANOpBgYaPsaXaNSU9_SGw89UVbHZ36jqlF7EhwCi2_N-gz9aJqdbVGMCh_aSaCjBXaJS_TOcew5Vew

Protocol

Server

142.250.185.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 12:05:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPH70zLMdMFTTOnhxnKdANOpBgYaPsaXaNSU9_SGw89UVbHZ36jqlF7EhwCi2_N-gz9aJqdbVGMCh_aSaCjBXaJS_TOcew5Vew
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame C1E1 43 B
363 B 159ms
28ms Image
image/gif 178.250.1.9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEN7clDcn0g22GNQVtI9yQnE&google_cver=1&google_push=ATf1kGNo16PxYz4BqphtGYQpqC-lmR5kzuUzEC0exRTReZArj8EBgnNxK_9i3N7AkZXYHU5vjJO7WSMUZtUW-MPhMsM7hKWlGbKm6Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 12:05:01 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 295595
expires: Sat, 10 Jun 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C1E1
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELsJ1gSe5EeP24yLnN98wfo&google_cver=1&google_push=ATf1kGPQjaNbfaj5WcyzkjrVxTZoD1DUN_9yOXVMLsw-E2z74sGBNAO7PL6M7P4RgckuD6AfLH0_GwZy...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELsJ1gSe5EeP24yLnN98wfo&google_cver=1&google_push=ATf1kGPQjaNbfaj5WcyzkjrVxTZoD1DUN_9yOXVMLsw-E2z74sGBNAO7PL6M7P4RgckuD6AfLH0...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk3Mzc2NDg3ODM2NjI5NDkyNQ&google_push=ATf1kGPQjaNbfaj5WcyzkjrVxTZoD1DUN_9yOXVMLsw-E2z74sGBNAO7PL6M7P4RgckuD6AfLH0_Gw...

170 B
188 B

44ms
43ms

Image
image/png

142.250.185.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk3Mzc2NDg3ODM2NjI5NDkyNQ&google_push=ATf1kGPQjaNbfaj5WcyzkjrVxTZoD1DUN_9yOXVMLsw-E2z74sGBNAO7PL6M7P4RgckuD6AfLH0_GwZyXUb7L9G-f9dyEyG-CY9aca0

Protocol

Server

142.250.185.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 12:05:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Jun 2023 12:05:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk3Mzc2NDg3ODM2NjI5NDkyNQ&google_push=ATf1kGPQjaNbfaj5WcyzkjrVxTZoD1DUN_9yOXVMLsw-E2z74sGBNAO7PL6M7P4RgckuD6AfLH0_GwZyXUb7L9G-f9dyEyG-CY9aca0
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C1E1 0
130 B 225ms
61ms Image
text/html 142.250.185.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LWlPdFTN07qGaV7Ayyd-9qsKHhtL9_Sld25eLQV_Ssa-IixrIx9Y8m17wlI5SMVVAD8Uyb

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 4B91 33 KB
33 KB 64ms
63ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 320145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 19:09:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 113ms
97ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230607&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9aab6b764ac1205cfbb125b8eb5ea9710e6a0179e3522cfc71f591d013f52c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11402
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A892 42 B
64 B 77ms
69ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMp0SaPj_q6Os8DCBLcp64GYIlLFTZiLxM6bn2i07s6KQhu3IVXtNUde8vg21xdsk0l7lax4yrhejPZFIDhBd_Ll_yCrg2cmpmPr29PgTQ-f_R-IoH9mPdjO-zsE0ksbeKb-4R-4swYx0x&sai=AMfl-YRUrFJqKdA0aIzhmYS6FWddc_fpANAsd-FcumLCGkp24R2lkcNhwVPiCuxMRe9Kbmyk6hoE7XnWv0yR&sig=Cg0ArKJSzPBYuaz6Q3q5EAE&cid=CAQSGwBygQiDlyhkMFZHXUBHX6WMJOK-b5MTX3_7IxgB&id=lidar2&mcvt=1063&p=0,0,280,1200&mtos=1063,1063,1063,1063,1063&tos=1063,0,0,0,0&v=20230607&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1213588912&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686398700587&rpt=1299&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 12:05:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame BE26 37 KB
14 KB 39ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 10:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jun 2024 10:54:01 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 10 Jun 2023 12:05:03 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D4C8 13 KB
5 KB 45ms
41ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 13669
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 08:17:14 GMT
expires: Sun, 09 Jun 2024 08:17:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3373 783 B
1003 B 50ms
45ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ccfcffcbf2ae04632fa584f41eedf10a870e9e07d75d47ee264363a1179f1f29

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DVBvNF6GxwONdvLwbFaKCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-DVBvNF6GxwONdvLwbFaKCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 12:05:03 GMT
expires: Sat, 10 Jun 2023 12:05:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3373 0
0 105ms
92ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230607&jk=3032227015024458&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame D4C8 37 KB
14 KB 65ms
54ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 10:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jun 2024 10:54:01 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A76F 42 B
64 B 96ms
93ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-Vs0FrOrEGMt_yqFYo2Blas7-uFr7bmp3dmMVcxMrMqgKm41cg8B4Vcrrs206DuG47_r864Eg1upZd4QdCSyaH4mNVTlRDOR7wWx-a0OnVs23N1emsug7SYDjpJ4uFezYzx0EA5xvQ3p8&sai=AMfl-YSEiGiD3KinhiytPBVWHs8Pnv7N41fybuj2Sd0F9wdqqTP2iCLBRtzYQItj6hSIfKcnFq3dFOKPBHNS&sig=Cg0ArKJSzD0MSiKlLFiMEAE&cid=CAQSGwBygQiDzMYuIis__DYWfNWQSSOVqoe5oLtpoxgB&id=lidar2&mcvt=1010&p=0,0,124,1005&mtos=291,965,1010,1010,1010&tos=291,674,45,0,0&v=20230607&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686398702005&rpt=529&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 12:05:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D4C8 0
10 B 61ms
60ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jL9J2g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
90ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230607&jk=3032227015024458&bg=!2dql2o7NAAaGYqkwpmI7ADkAdvg8Wr_Mpoi3x0-uO4TocsEiVAOPL3zoUg0r5EE_zINkiW-bsR-D3fU8LhpFtzXMwjcv9U8Ob5UCAAAA_FIAAAACaAEHmQLLXS8HDexiowSdtXzwb0qX53PXEJxMvWrqIG3DcC3n4VLubBJl9NkKlouF-aIXBaqErJrR_y8PO_UUIVQgv_K6aeX-XNwBKu2DpVu_MS35fsWgTgkcomi8RR-7M2ZFA_6AZ6wNtka4Li_KbIcC162xBthDdKtQJqN3AnM0TN5hZU95TYQjBtZzG7ncPgDNoI0LlpIZJnYvUFvVGooxBTa4zFRVz05xBO2bow9W3-1zNipht5TcOlh9Y6zLT5HpHHSvkQKgKp7C1iTepHSxNfWMcrk7Y0Qy-UwzzWx_TarPQIZ-ghgxWMMcaZ4L7HBynaWeR5PP5jnKdgQ8gPLelTfW40ZFfscx7eyCg1oJw_hYV2t5ktkhOfYcYOLAeZAy0WAj_I-TrouPlW8qXbr9foF1qRDIRVeiX9kYYqgNwg6pqP6Q4nI6s8BLILAN44SlkU3VDEjZM0u2UQkNZZv0iDHB_pvFJZCPIoUS76b-dPHfjv_J8NCaZFdj6L5aXYLcEZMmzkSz0qcsosaCSyEj4mlE1qd6uJd8X6ZPMvlgaXLcDGvQFoVOwIL6ZeR0pMq8S8pjgz8sCnE3YyiVGMpOZPYqotHL9Gs3RfwsXmV7h-6N_0Gbcukq-tRsZD1mB8TDMlnt4kBuOVWS2bXb39kHexQhZGwc0zKH_ltq4Ol1YM5rfJhMcl5BB6ltOXCWJ4wrFzh2Xu9fQ6Z8LG-XszPs74F3ytH-Zt9xBfQyqaLJUAKlfZDIkeEcw5WB9RopWRkl1JZtJed3hBCKIkSzkNodahkC8pFqfxtBYm0VlUjUIVZG0Y1D3w2cAaXU5J1gn_RjoEuE9zipLePnWODkUPJ5wKCdvbezajdqIAF78CKBqjRWHGcsjS1yPp65305scwo7YCgRm3Qf6VegkeVih1WOxvhn2WJXjYXbntjZ5TEurBWQWUUGk8TKcDtnjl_XLQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.retakebr.com.br/	1970-01-20 22:02:38	Name: _ga_DY10Q8W48M Value: GS1.1.1686398700.1.0.1686398700.60.0.0
.retakebr.com.br/	1970-01-20 22:02:38	Name: _ga Value: GA1.1.511979164.1686398700
.retakebr.com.br/	1970-01-20 21:48:14	Name: __gads Value: ID=1a529d28b501e276-220626ee57e10005:T=1686398700:RT=1686398700:S=ALNI_MbwhXke9ePaECedbBBWHNMu9nDIlg
.retakebr.com.br/	1970-01-20 21:48:14	Name: __gpi Value: UID=00000c467167425b:T=1686398700:RT=1686398700:S=ALNI_Ma4Pk2q-VF4MgznKDurs-Gjodbxgw
.doubleclick.net/	1970-01-20 21:48:14	Name: IDE Value: AHWqTUmVGSzLwOwyyR8m9AA40D5XEw3kyF_2WcfcU3WJP5mSSmpsEY89QhvXfRp4HcU
.doubleclick.net/	1970-01-20 12:26:39	Name: test_cookie Value: CheckForPermission
.travelaudience.com/	1970-01-20 21:56:53	Name: _tracker Value: %7B%22UUID%22%3A%22B8CADBAA-BA13-4F69-8531-0F2A60F9CBDB%22%7D
.quantserve.com/	1970-01-20 14:36:14	Name: d Value: ECgBCQGZKYEA
.quantserve.com/	1970-01-20 21:56:53	Name: mc Value: 648466ee-c4715-1c5dc-c1b90
.de17a.com/	1970-01-20 21:05:02	Name: guid Value: 1.5725345724778377870
.everesttech.net/	1970-01-20 21:12:14	Name: everest_g_v2 Value: g_surferid~ZIRm7gAGf5ABdwBI
.w55c.net/	1970-01-20 21:56:53	Name: wfivefivec Value: oaffrTBg1Q7Xl45
.adform.net/	1970-01-20 13:09:50	Name: C Value: 1
.w55c.net/	1970-01-20 13:09:50	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 13:53:02	Name: uid Value: 1973764878366294925

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-3637999307044405&fa=3&ifi=7&uci=a!7&btvi=2&xpc=bHnIQAqkmf&p=https%3A//retakebr.com.br Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-3637999307044405&fa=4&ifi=8&uci=a!8&btvi=3&xpc=07VDvwvn3z&p=https%3A//retakebr.com.br Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.travelaudience.com
adservice.google.com
c1.adform.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ka-f.fontawesome.com
kit.fontawesome.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
region1.analytics.google.com
retakebr.com.br
skinsgratiscsgo.com
stats.g.doubleclick.net
sync-tm.everesttech.net
tpc.googlesyndication.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.185.226
151.101.194.49
178.250.1.9
2001:4860:4802:32::36
213.155.156.168
2606:4700:3037::ac43:8bc3
2606:4700::6811:180e
2606:4700::6812:1734
2606:4700:e6::ac40:ca1c
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:802::2003
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::2008
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c0a::9a
2a06:98c1:3121::3
3.126.192.167
35.190.0.66
37.157.4.29
00d95d227b9bd0dd83e85e3d500df081df39b06ede70693bf1d6947b00f510a4
05d34e3820421019e1d3b4ad2ba7d03f0a0a74f94664f4393cc07730c8f7abbb
062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4
07545caaf9707de642e908cbfe3197e4ccfe99b88162aa3913c7e85f59191de2
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ff435ed58b8422cbf16969d4e71ed46146124e9de87899e7503e501d9163b37
1218c28a3390f8f3b1215b31747fcd4e6e4bd9b7e974a19b7b3564bc413ca179
1d9f78e62b4aac470f7f556dd4a64ba9ecac44c9d7d2a77c2e6110af3a965e73
24834ede2021cd5e7283d2a952c6718c6fffd165d8ab9df907f4222a113429b2
2597571c2c717160444166a250ca8048b31c4421fdb0713fb3292cc623740cd6
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
2bf77546bc9628aa693ac5ea212bf8b326821fe39959d50bda9f9d045f5e5c6c
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2df9f992edf7d3f27925721d4a1a36948fff0ae353161cd6dc2bf1c36c9b091f
2f39d54e71a3c475b8a65cdcdd903b249e8b8a4538f6c8f0b1f8b3c34a093302
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c77ff24ff88a8239cc67a70bc064e43a6b7b2532ece0505912bd2b965e4b705
40be6fd743dbf7720ec19c7a0636862f0f7e5ac8fc5565798638958f7c9bb427
43876c523ee036ff6d78a4b8dd69f8be38b6d1d73347d55f0bb2d6453b1b7489
4478b0cc063a5f2d2a75a157441109535f517fbaadf2040b80899eb3b3e9c697
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
483726921f3750500b585e5aa13db1ec1a46147ad86d06fbc6b2350eb72b3703
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b
4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64
4c7fe9f4b7e2cbaeadf56a93f537dfe760444ddbc081a7d12aa5c97c98cafce9
4cbe16d1fe4e7c7a3b1b4ac38c7bd340add8a6043489d617ec465aecb28fcef9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
4f0fefab783abd19bc1b6c4f9dedd620764d243d141165603c77bb5152c231c0
4f60b88d280f49193a4ce290da4af5c0abdadc8646b7abb8108152195d26941c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ce19d6c2ca481b194cfe906d3322f19fd9e1250bbba8eeb32c83cc4e744feb2
5fcc2befcec256bcdd3d1eeabca1b401002665ddb249e467cbd7fbcc0eaa4bfe
60e84f9f08b11353a6182f336a7141b9f0631d7ddd0a932de9345801f1d574c9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61dc598ccb792f2dd7fc9f16131c367c2a6e09945ad4937930b157f6fc7c833c
63e06cf7457c15a76da6fce9e1da3a459048918d3340845dd8573c97ab553a59
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6de242265cf0c8ac812427bcfafd48416f1deebf9164d4185be216b6d3081cea
71f45fa39b9e00c82913d3a7a044af7536baba93519cc84ccfd346c4895cb2f1
71ff14481da19165757eff1d2f3fa6c3ed0898b8d6402e545f6312c14b06bf7f
756de73dc6eb6c5c7f71a906ddc4e66109aed9d56312c92c18a880ce0fe7e86a
75a4e38ceaea4f1574989a15921411f633512d75213dfaf9fa456bb911cdebcc
76b1b4ecded06fd84581ef74d49e5cf0f124816605adc9f08a222aa07cb960e3
8d96e5791bf2085cfec1ecb5cba8616fa17945043ddb16e9733c76b7f4a69ecc
8fe19169bb3f483233ed8454d176b3da5e00f81ba3f9e7e49e3ff767aa4d91f7
90d7576832821a0cf5e65e08e3a6929066acbb9acbdec4738dec82ee3d6982eb
98088166c358ebc80bb1a7ebb26faf17dea6872bb185489bfeed6e295d020874
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aab6b764ac1205cfbb125b8eb5ea9710e6a0179e3522cfc71f591d013f52c50
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6ce2f3c8ed1e2d2ab1706a053fbc1c76a6e92f9d614a502499493877c628e39
a76f52a7ebf56ee46f0ad4cf8014144514659b1d3c39fbde611464f76b8691c2
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b7a6afe949f02c51c23f8fea1b7a2fe404d55265ab44e87b71de83b0d977c06f
b944d9cb4994adb53037b8db6236c81f01cf625887764529fd46a36d8b72d6e9
bb626d44b2d3d3176c26616eaca12cbc52e9cfe88b708d90a08b9e66f5f8630a
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
ccfcffcbf2ae04632fa584f41eedf10a870e9e07d75d47ee264363a1179f1f29
d25872fe4bcc82c881a13faeaaae9088d7e0029f8f370f88dbe1757c646e804b
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7a6484d1d091d289e949e33fd65472c22e145f2420dc3f6a003810d1c0412b1
d7aac6cb063f6eea470ce9386d28967a1fe8afa5882f240b7984ccf78e2f1a61
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dcea90dfd1c1d7d57e77b5317974a45b1856500e8d786e4b847298fd59ca1024
ddd7d56015c6fac16ea0a36153125d4a99cfa4fbca302f6b6eccc4cead076d73
de698f771f908f6249a14b16e6c5e46c7bb7fd7477be0d48253a6c27481eb7e6
de6b6cb1a984b0e3418ec8185b8ad7df7c97ea54897f2061da48e9e972f5562d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eba13b7c4c968c8dadceece567382a3e6c9acaf68d961d0f90ab5f31347534e4
eca15b8922fb25711a4c90119bed1a91fbf129d7fa6b89415e43acecc8d12d4e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789
f339e6d9a27792f9107b854ff30b0e60a9e188b75ed37e3cfce59d289b6348d7
f6fa6ffc627d01125cc6a94d9978cf77a6068cface7573dbee1ecb3e30bc8ea6
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

retakebr.com.br Open in urlscan Pro 2606:4700:3037::ac43:8bc3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

150 Requests

97 %HTTPS

72 %IPv6

20 Domains

27 Subdomains

20 IPs

3 Countries

2239 kBTransfer

5456 kBSize

15 Cookies

8 Outgoing links

Page URL History

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

retakebr.com.br Open in urlscan Pro
2606:4700:3037::ac43:8bc3 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

97 %
HTTPS

72 %
IPv6

20
Domains

27
Subdomains

20
IPs

3
Countries

2239 kB
Transfer

5456 kB
Size

15
Cookies

150 HTTP transactions
9 data transactions