Submitted URL: http://skinsgratiscsgo.com/
Effective URL: https://retakebr.com.br/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On May 12 via api from DE — Scanned from NL

Summary

This website contacted 26 IPs in 6 countries across 21 domains to perform 180 HTTP transactions. The main IP is 2606:4700:3037::ac43:8bc3, located in United States and belongs to CLOUDFLARENET, US. The main domain is retakebr.com.br.
TLS certificate: Issued by GTS CA 1P5 on March 30th 2023. Valid for: 3 months.
This is the only time retakebr.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
38 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
33 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
25 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 5 142.250.185.162 15169 (GOOGLE)
1 15.197.193.217 16509 (AMAZON-02)
1 98.98.134.241 21859 (ZEN-ECN)
2 2 3.66.102.95 16509 (AMAZON-02)
1 178.250.7.11 44788 (ASN-CRITE...)
2 2 37.157.3.30 198622 (ADFORM)
1 1 69.173.144.138 26667 (RUBICONPR...)
180 26
Apex Domain
Subdomains
Transfer
48 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
500 KB
38 retakebr.com.br
retakebr.com.br
549 KB
25 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 9489
328 KB
21 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
166 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
131 KB
8 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4217
adservice.google.com — Cisco Umbrella Rank: 83
mts0.google.com — Cisco Umbrella Rank: 4709
www.google.com — Cisco Umbrella Rank: 2
2 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
315 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 50
4 KB
5 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1602
ka-f.fontawesome.com — Cisco Umbrella Rank: 2850
183 KB
4 google.nl
www.google.nl — Cisco Umbrella Rank: 8603
adservice.google.nl — Cisco Umbrella Rank: 14080
1 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
177 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 585
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 324
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 949
r.turn.com — Cisco Umbrella Rank: 3697
869 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 352
461 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 674
363 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 668
187 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
265 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1044
607 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
85 KB
1 skinsgratiscsgo.com
skinsgratiscsgo.com
698 B
180 21
Domain Requested by
38 retakebr.com.br retakebr.com.br
33 tpc.googlesyndication.com googleads.g.doubleclick.net
retakebr.com.br
pagead2.googlesyndication.com
tpc.googlesyndication.com
25 c.bannerflow.net retakebr.com.br
googleads.g.doubleclick.net
c.bannerflow.net
15 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
retakebr.com.br
15 pagead2.googlesyndication.com retakebr.com.br
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 www.gstatic.com googleads.g.doubleclick.net
6 www.googletagservices.com googleads.g.doubleclick.net
retakebr.com.br
5 cm.g.doubleclick.net 1 redirects googleads.g.doubleclick.net
5 fonts.googleapis.com googleads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
4 ka-f.fontawesome.com kit.fontawesome.com
retakebr.com.br
4 cdnjs.cloudflare.com retakebr.com.br
cdnjs.cloudflare.com
3 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.nl pagead2.googlesyndication.com
2 c1.adform.net 2 redirects
2 x.bidswitch.net 2 redirects
1 pixel.rubiconproject.com 1 redirects
1 dis.criteo.com googleads.g.doubleclick.net
1 pixel-sync.sitescout.com googleads.g.doubleclick.net
1 match.adsrvr.org googleads.g.doubleclick.net
1 r.turn.com
1 ad.turn.com 1 redirects
1 mts0.google.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.nl retakebr.com.br
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 kit.fontawesome.com retakebr.com.br
1 www.googletagmanager.com retakebr.com.br
1 skinsgratiscsgo.com 1 redirects
180 31

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
youtube.com
www.instagram.com
www.twitch.tv
Subject Issuer Validity Valid
*.retakebr.com.br
GTS CA 1P5
2023-03-30 -
2023-06-28
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-22 -
2023-12-23
a year crt.sh
*.google.nl
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
www.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-01-09 -
2024-02-02
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-12 -
2023-08-10
3 months crt.sh

This page contains 23 frames:

Primary Page: https://retakebr.com.br/
Frame ID: CA434BBB7515F504C3C85FD633DFA10E
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Frame ID: 60FAD7B1FC5C244F87232A2B1E328491
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&adk=1812271804&adf=3025194257&lmt=1683934871&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fretakebr.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934872124&bpp=7&bdt=786&idt=362&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=851783795832&frm=20&pv=2&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=388
Frame ID: AD7B44A39C935E14D3CAA92E05DA7050
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.2059847078~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934872131&bpp=2&bdt=794&idt=388&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZterPBLm0v&p=https%3A//retakebr.com.br&dtd=391
Frame ID: F4FE6485602334DFF8C913738E5BFCEC
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
Frame ID: 80F6E297E45374D14A5BA82A0DB0EF76
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: E7E6482558D0139B33B695DDC5E25F76
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7572CC5B94B75BA019332F6886BAD26B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: EA9F8257B36C6F42C9B017F35289452E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: 79F04E6EA736E57CAA78B52B81FFA62E
Requests: 13 HTTP requests in this frame

Frame: https://c.bannerflow.net/a/643803389b4291437ab49883?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC9BvTmM5eZJLoIpeiywWkjZ2wB_jO74Vw07Da28cR-uC_oNQBEAEgtITxVmCRhKCFjBigAZGV4vkDyAEJqQK4Sb-1M2eyPqgDAaoE5gFP0Oj_opzBgySng7alZvV38F9Wh7Wwj0sktmdNDy6NcUIEZoTmu1kvtAOM_Zsf_xNGkjNgCUfhogmq01wwMJiTUkZAWRT9Bxrjo93-hecaRe_btsKkFmF2I64oLVb8S64i_ztqsmsk-D6fkgQVGObyOxfnU9CXrwS_ypzurqO7225fMVcaU8VC0_bBqjWVyw3a1FLCd5wXZs6qnDm5JRbK3YNJBCKPF5kwgQE-r-L3PaRRuaBqJA0iQXhON5HaKLN3EP7vkQUq1hvSnHzxq-RshZkzeNwU1KzdiGfhdG88ixwZyam8r8AElce06ZsEoAYRgAfX6p0GqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%26num%3D1%26cid%3DCAQSGwBygQiDGDOECjHh7ET4Cf9f-OJxCOjjC-PD1xgB%26sig%3DAOD64_05dL8Hu5dpgApcF4YXP23bFMX_tw%26client%3Dca-pub-3637999307044405%26adurl%3D&cb=913372724
Frame ID: FBB7D53E57A6AF493A7E105B762B0413
Requests: 18 HTTP requests in this frame

Frame: https://c.bannerflow.net/a/643800339b4291437ab49825?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCDHMGmM5eZJPoIpeiywWkjZ2wB_jO74Vw46Ta28cR-uC_oNQBEAEgtITxVmCRhKCFjBigAZGV4vkDyAEJqQK4Sb-1M2eyPqgDAaoE5gFP0B--aVMMqsRQUjePNyfCnHFI9qQKKA1YwgTQ6CgWQTZgtNjvjoxNUvwhuA-MxKaaB48_enwbEZgEZ0XpoGrSNau5oVi0-cWE6KDbVH9PzKtManXSAo0fZJKZ9oIrwLKqAF7j1lMqkkz8pHgcTvARTfxEh98mH_Nw-dgHoVzVoKKFOlesZ6a73z19Rf7nw9Jo-DoATBan8lsW0C58-KucI8rMauKaeYFGGpd8i02Hdqx1ZQ0Fc_q0PnKEWJBgLsVFamaYLkc-5EWEUdFYV1YNeHFnhYCUrOXO7dl8HQXlVz7UFmos_sAElce06ZsEoAYRgAfX6p0GqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%26num%3D1%26cid%3DCAQSGwBygQiDGDOECjHh7ET4Cf9f-OJxCOjjC-PD1xgB%26sig%3DAOD64_2MWyW_H6-ZFhwq6NpFGQ33Lgh-Pw%26client%3Dca-pub-3637999307044405%26adurl%3D&cb=338831000
Frame ID: D03D0BBD6B12D48A7CA7D0457CCCE0AA
Requests: 18 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 70A92B52273BF3DEBA39F9B055A75F59
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: 2ED2C432641C4DDF608CA91DA47F5980
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 96CCD89261145DC10598BCB74C88521B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0CDA42E5DD9DDDB55854569793B84A7C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: D6FC674348A92C8C10959E5416CDD308
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: 5F0BBEC5A59193D2BA754EC4A09928B7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A65A1501D5BDC6EAE00B90F885AA217E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E93A5F8D210C46101DC41CBB6AD41455
Requests: 2 HTTP requests in this frame

Frame: blob://https://googleads.g.doubleclick.net/199f1151-c028-4ce7-a9a6-5f8dd1ebe056
Frame ID: A4728F409CF0AE690F798C8CBB90F93C
Requests: 1 HTTP requests in this frame

Frame: blob://https://googleads.g.doubleclick.net/966c2340-3f01-4c78-8d89-0da64922afd6
Frame ID: 0575F2FD34A7AE92FFC1C2C154746993
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbabboe%2F60239d7c41a39e09dc00fe90%2Fimages%2F2f797f5f-d7f7-4877-b2bc-8c8045b6b226.jpg&w=157&h=154&q=85&f=webp&rt=contain
Frame ID: F6067FA0C7D880F4C082A5B771A168A7
Requests: 5 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/babboe/60239d7c41a39e09dc00fe90/images/efdd2041-d82e-43f1-b4e5-1f89bbeeaa7b.svg
Frame ID: 9A40107DEAAF2144D54696AFC0F85FAD
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Retakebr - Portal de Notícias de Counter Strike e Tutoriais CSGO

Page URL History Show full URLs

  1. http://skinsgratiscsgo.com/ HTTP 301
    https://retakebr.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js


Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

180
Requests

97 %
HTTPS

76 %
IPv6

21
Domains

31
Subdomains

26
IPs

6
Countries

2443 kB
Transfer

5717 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://skinsgratiscsgo.com/ HTTP 301
    https://retakebr.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 140
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 146
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDMP39839uuB864UNz6YmtM&google_cver=1&google_push=ATf1kGMSjcxQhg520Bbgze-PH1XS6HUA7gz9uT2gelk7R4CUbKbcnoHBXVwnt2rGieFbtr3quch_WL6g20QxbQDUx2GHvVd_-FdOAXaO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQ5MDAwNzA0MjExNTIzMDI1Mg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDMP39839uuB864UNz6YmtM&google_cver=1
Request Chain 149
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESED81sz6sV-Ewe7pIxsiiIzY&google_cver=1&google_push=ATf1kGP5Ft4DFX3p4IwqAB06T3MQbYtI86f2X0PS0HkPkMfSMzbZowrt2lXYinO-8Z31qNZWIh5uhdFCu_HS5xanHea58yI3231vr2Dw HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESED81sz6sV-Ewe7pIxsiiIzY&google_cver=1&google_push=ATf1kGP5Ft4DFX3p4IwqAB06T3MQbYtI86f2X0PS0HkPkMfSMzbZowrt2lXYinO-8Z31qNZWIh5uhdFCu_HS5xanHea58yI3231vr2Dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP5Ft4DFX3p4IwqAB06T3MQbYtI86f2X0PS0HkPkMfSMzbZowrt2lXYinO-8Z31qNZWIh5uhdFCu_HS5xanHea58yI3231vr2Dw&google_hm=UGdeJ-Z7TVO0RsL5m9gswQ==
Request Chain 151
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO8uToOuKnfLP1BBNlFBxac&google_cver=1&google_push=ATf1kGPqoOvFbhWHSqilRFrwUFNUNxtpxvwGiqHeJYcLWlFzf1usyS8WAJw_i8ZyZE40xjURgHOw7q3j2mZLXBq3P7BTkyGHXV10HKUR HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEO8uToOuKnfLP1BBNlFBxac&google_cver=1&google_push=ATf1kGPqoOvFbhWHSqilRFrwUFNUNxtpxvwGiqHeJYcLWlFzf1usyS8WAJw_i8ZyZE40xjURgHOw7q3j2mZLXBq3P7BTkyGHXV10HKUR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkxNTUyNjg0NTY2MjkzNjIzNQ&google_push=ATf1kGPqoOvFbhWHSqilRFrwUFNUNxtpxvwGiqHeJYcLWlFzf1usyS8WAJw_i8ZyZE40xjURgHOw7q3j2mZLXBq3P7BTkyGHXV10HKUR
Request Chain 152
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENs-t2TojXGFUHpDreUbgJo&google_cver=1&google_push=ATf1kGPQck_SZpfFi96QbqBh9UflyWtrUIsVdx7zVxcrCiX4s0rEegMskj_h72Rn-IEkEwD2QAW-YYYRoY-6_l9TJaJ1AbzOOsqz1YRX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhMN0NHRTktOS04UDky&google_push=ATf1kGPQck_SZpfFi96QbqBh9UflyWtrUIsVdx7zVxcrCiX4s0rEegMskj_h72Rn-IEkEwD2QAW-YYYRoY-6_l9TJaJ1AbzOOsqz1YRX

180 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
retakebr.com.br/
Redirect Chain
  • http://skinsgratiscsgo.com/
  • https://retakebr.com.br/
143 KB
19 KB
Document
General
Full URL
https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76a9c3c6bc51fb4004ea871ff82d9c580035af30537c024b1cef2070ae46c54f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
MISS
cf-ray
7c6682cfd9020b5a-AMS
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 12 May 2023 23:41:11 GMT
expires
Fri, 12 May 2023 23:10:49 GMT
last-modified
Fri, 12 May 2023 23:41:11 GMT
link
<https://retakebr.com.br/wp-json/>; rel="https://api.w.org/" <https://retakebr.com.br/wp-json/wp/v2/pages/145>; rel="alternate"; type="application/json" <https://retakebr.com.br/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
platform
hostinger
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uj5AdaTbH%2FY5qmYxpKJYW4jq3A9j7oPyfbyWJeSn1mW7MiL6tz2DpNR1iRYJqmU2Vm43LmPWawWXxgPkWFktSnKyXEQbX%2FlLBp3BbGf6em1Dcc6q5mHJwvqK37R9X97hisGOaXOysy6iw4x3XNk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-frame-options
SAMEORIGIN
x-litespeed-cache
hit
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-RAY
7c6682ccfb3a0e80-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 12 May 2023 23:41:10 GMT
Expires
Sat, 13 May 2023 00:41:10 GMT
Location
https://retakebr.com.br/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Evs7RXdeFKBNz7hZkFmOztGW62OPZAOVjOU3GZEO66TyB%2F9cruUCif7%2BVSmEziALdwo7kvwZUzYJ9MIB%2BzWGABp1Qf2bbE3KLP40b3LtisxS27Eo5t3iZ8T2zPpvsh5HYXu1UMUVnBOcW3VJWAu2KTu"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.min.css
retakebr.com.br/wp-includes/css/dist/block-library/
95 KB
13 KB
Stylesheet
General
Full URL
https://retakebr.com.br/wp-includes/css/dist/block-library/style.min.css?ver=593d487eddc883e8c3336242ddecdf45
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7030
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 30 Mar 2023 02:08:15 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8o6PUa119bhA%2FohauIDN0Jw8b3y%2B43dIA8Bdy%2F1Bpo62YJIwXSYATbz4b99amSGEKCgH%2Fqma7oNAyYqbP4gLn7fVrAhhmuat9njv6iP5yp8UhblUx9kiMeUVsQVV2CrgmHcwMt4nWFuzsC15rt0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7c6682d20aee0b5a-AMS
expires
Sun, 11 Jun 2023 21:44:01 GMT
classic-themes.min.css
retakebr.com.br/wp-includes/css/
291 B
541 B
Stylesheet
General
Full URL
https://retakebr.com.br/wp-includes/css/classic-themes.min.css?ver=593d487eddc883e8c3336242ddecdf45
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7030
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 30 Mar 2023 02:08:15 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHalw%2FV0OiWTNyDTT7RNDJ5gfzS1zKwvhQsI3LPG0ZjDmOWMXaE2vFgfSWbcfMQMuLPlAo7AAuxhRvkRT4utaZ6g6RJo5drwJsG1EXwdso7OYz477k2lp8PEAmdHFjvbl%2F1cA1nu93%2BbpwO1IxI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7c6682d20aef0b5a-AMS
expires
Sun, 11 Jun 2023 21:44:01 GMT
aces-style.css
retakebr.com.br/wp-content/plugins/aces/css/
94 KB
11 KB
Stylesheet
General
Full URL
https://retakebr.com.br/wp-content/plugins/aces/css/aces-style.css?ver=3.0.2
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eba13b7c4c968c8dadceece567382a3e6c9acaf68d961d0f90ab5f31347534e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7030
cf-polished
origSize=123073
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 27 Mar 2023 19:27:00 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4%2F7danCSzLGmHpjTFVba8JlK4wODL0LkUoxsQlF64de%2FkHf1oSkAxwqLr4ZD0gwFA2oIHrd9kMbOE93kkQw87WJytHmvBQxtSoIRCqwmoIvtCrgPJnEwI5iJtThqh%2B4jluOWzAr%2Bu7lmw%2BnHfM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7c6682d20af00b5a-AMS
expires
Sun, 11 Jun 2023 21:44:01 GMT
aces-media.css
retakebr.com.br/wp-content/plugins/aces/css/
44 KB
4 KB
Stylesheet
General
Full URL
https://retakebr.com.br/wp-content/plugins/aces/css/aces-media.css?ver=3.0.2
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07545caaf9707de642e908cbfe3197e4ccfe99b88162aa3913c7e85f59191de2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7030
cf-polished
origSize=57778
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 27 Mar 2023 19:27:00 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLAuDoXgpN83Vh7BBOxdg6NEF4VVFo1iNiolTo%2F9pPKIinnOIwGzANPa%2BYdwES%2FiYEiI0LD0h2QyRGWQ%2FtkMGGCCkOOOCX45W%2BLeiW8FFqrgHm6sd8NWyGKXJYkXNj%2BVwhHeh0sTNrJpVygQ%2Bpk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7c6682d20af10b5a-AMS
expires
Sun, 11 Jun 2023 21:44:01 GMT
owl.carousel.min.css
retakebr.com.br/wp-content/themes/mercury/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://retakebr.com.br/wp-content/themes/mercury/css/owl.carousel.min.css?ver=2.3.4
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7030
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 27 Mar 2023 19:26:50 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BB5RGstwOnDlxD6M3cnJ8%2BUzYMuX1SJUum3mTEnfdiYWhgpDVCGrnYTrGjJxUqJaSgYrbkK%2BnjRPGrY242%2FJBB5ifZYqVEW2j8t2g9QUYnF3itUTWxtdJfeLGo%2BB2HjeT5X9jVziImnJhTHl28%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7c6682d20af20b5a-AMS
expires
Sun, 11 Jun 2023 21:44:01 GMT
animate.css
retakebr.com.br/wp-content/themes/mercury/css/
55 KB
5 KB
Stylesheet
General
Full URL
https://retakebr.com.br/wp-content/themes/mercury/css/animate.css?ver=2.3.4
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6de242265cf0c8ac812427bcfafd48416f1deebf9164d4185be216b6d3081cea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7030
cf-polished
origSize=73029
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 27 Mar 2023 19:26:50 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZt0xAElxsMWlK8hwCc5OIa1IE7XqDXZZSjxkz9AwUjUNsEDFMePh0clbKipCnRFdDB17GFkWJTj2Jb49Dwrs%2FSBjqDnNVcBpD3Iqta4uCe3cEOmBA0el9FvG%2FTsJYGxWTo6qNlHH52B7MqBf%2BA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7c6682d20af30b5a-AMS
expires
Sun, 11 Jun 2023 21:44:01 GMT
style.css
retakebr.com.br/wp-content/themes/mercury-child/
30 B
374 B
Stylesheet
General
Full URL
https://retakebr.com.br/wp-content/themes/mercury-child/style.css?ver=3.9.3
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb626d44b2d3d3176c26616eaca12cbc52e9cfe88b708d90a08b9e66f5f8630a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7030
cf-polished
origSize=244
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
cf-bgj
minify
last-modified
Tue, 04 Apr 2023 03:10:26 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOh2ZtTY1QDPDWi2UbgKhDxfzWL6wIitLzR%2FQb5PHWzoU07nSvTbDTP9rtEog0hgoR0hQMQG37Mtd4jupZnLu2qZpNDIJTT2C4KGDZFaDZdsAibzP1EozlM7uVsMjQ68TwQwSUYJYCfBfrR%2FEqc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d20af40b5a-AMS
expires
Sun, 11 Jun 2023 21:44:01 GMT
media.css
retakebr.com.br/wp-content/themes/mercury/css/
32 KB
4 KB
Stylesheet
General
Full URL
https://retakebr.com.br/wp-content/themes/mercury/css/media.css?ver=3.9.3
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43876c523ee036ff6d78a4b8dd69f8be38b6d1d73347d55f0bb2d6453b1b7489
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7030
cf-polished
origSize=46386
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 27 Mar 2023 19:26:50 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8CYRFaz0gTo2bCAnkIpodj2c7VmAnpnJHDcAeneGqXERMgmTa9DHm%2FygePD3FY08VonthJNInJCSWDmPU%2BJTvGqupORnXga1SgIQWnBDvjUXNOaqTYGdPPERrz8HJYDorm0sJVHhH3YhVMJNnAE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7c6682d20af50b5a-AMS
expires
Sun, 11 Jun 2023 21:44:01 GMT
jquery.min.js
retakebr.com.br/wp-includes/js/jquery/
88 KB
32 KB
Script
General
Full URL
https://retakebr.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7030
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 30 Mar 2023 02:08:13 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTt3Yx53Vr0mcuYWBZoo7qQKfK5BZf428B9gJw92pb1d4d%2BTdyo6a9xTTqiUTpDmsgAe2vp22acooAOX1wJSQ6vLGK%2BEe9wqHgc%2BSVR4T5J9mqtdKDt54y6f911GR2Iha%2B0SlQd97x3VMnyrEng%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7c6682d20af60b5a-AMS
expires
Sun, 12 May 2024 03:44:01 GMT
jquery-migrate.min.js
retakebr.com.br/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://retakebr.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 30 Mar 2023 02:08:13 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVoFZ7cq1BeCW7zPaUfBzHI8ttEdDjNyxDSIga%2BLVDkVgxg9T2CotgAwBktpZ6lIEq1E61%2BwpONVMn3UUGYdmJI037ei5rzzfiyoEDsUS8u3vIMlpHDiBFpfS0jO2WBU6OGfy%2F%2FkRKTA2OJVesE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7c6682d30b540ea9-AMS
expires
Sun, 12 May 2024 05:41:11 GMT
js
www.googletagmanager.com/gtag/
253 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DY10Q8W48M
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
03e98968d5cc94c226ba43f137a1608b4eca5bd13261d0268541027adc471a29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86820
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 May 2023 23:41:11 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
140 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3637999307044405
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f3ce90ce1710b43bd91de6ab00f1055700bcdd00970876f63f5235d6e4635f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://retakebr.com.br/
Origin
https://retakebr.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47900
x-xss-protection
0
server
cafe
etag
2550188279124978464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 12 May 2023 23:41:11 GMT
retakebr-banner-1024x256.webp
retakebr.com.br/wp-content/uploads/2023/04/
18 KB
19 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2023/04/retakebr-banner-1024x256.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
756de73dc6eb6c5c7f71a906ddc4e66109aed9d56312c92c18a880ce0fe7e86a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18904
last-modified
Tue, 04 Apr 2023 00:46:14 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8lsexQ0pnbMTblmB7zs4O8SCGA2owUnqdc8efbexHIyiN%2FxcJncHsOhQmmbeh%2FzHclwn2%2F685rgKhfGy1%2FLteG%2BCbtQ20VNKRLmElNs2CcO4OTlE82vUZq%2FeZ%2BCjS8cAS6Pnp9ARIDangHNVRY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4acaa0ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
709706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10480
last-modified
Tue, 16 Mar 2021 19:29:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60510736-e7d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYsQ23fyqwOG2ubLUHcRdm34GCvaPjZrzX9NJEAMXfT96R1fU9LSZEzVj%2FcSMI%2FBTPuUGX6HlhUPzBr%2BQxlus%2FgVawdA7JZsm98zZR%2Fbtv87F%2FPV600n%2Blspk6q1eXVhhc3fD1iw%2FEz94xwGK%2FNrMMuh"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c6682d2cff11cbe-AMS
expires
Wed, 01 May 2024 23:41:11 GMT
theia-sticky-sidebar.min.js
retakebr.com.br/wp-content/themes/mercury/js/
5 KB
2 KB
Script
General
Full URL
https://retakebr.com.br/wp-content/themes/mercury/js/theia-sticky-sidebar.min.js?ver=1.7.0
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c7fe9f4b7e2cbaeadf56a93f537dfe760444ddbc081a7d12aa5c97c98cafce9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 27 Mar 2023 19:26:50 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3RwYCiZEbzjTrbt7cvD0WD6nJKE1crfw2VyFBC%2Fx1KY%2Bann2eUgMNQlp6%2Bu8Wl2SU9x6n9%2BH0LnMoEsZvug4F55jrymgfod6ZEHHbMYU4fEVTwppmMIyHyQ62XweGwb2WPNp6bKaViOfl%2FC2Bkk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7c6682d4acac0ea9-AMS
expires
Sun, 12 May 2024 05:41:11 GMT
enable-sticky-sidebar.js
retakebr.com.br/wp-content/themes/mercury/js/
163 B
718 B
Script
General
Full URL
https://retakebr.com.br/wp-content/themes/mercury/js/enable-sticky-sidebar.js?ver=3.9.3
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baa2ec62db4c150dc99ee168d5640dc8e33ffe470a1774c0950a386a44264105
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 27 Mar 2023 19:26:50 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4SFFZWGFzlUc8uxIxYjFxr4h%2FwVAyT8CIj1SkYHI7z%2BCXOejBojGT0GZIwfuqrKp9uxyDnjwkD%2FbdKMeTyV%2B0dEL8uyrEBNalNwZiBJLVMYyFPqAT0jsdDs3dmsC%2BodpWPgaKeVuy8FwPy6Eqg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7c6682d4acad0ea9-AMS
expires
Sun, 12 May 2024 05:41:11 GMT
owl.carousel.min.js
retakebr.com.br/wp-content/themes/mercury/js/
43 KB
12 KB
Script
General
Full URL
https://retakebr.com.br/wp-content/themes/mercury/js/owl.carousel.min.js?ver=2.3.4
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 27 Mar 2023 19:26:50 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kF3yJQfxYn6%2B%2Fwe4MT%2BO9UFH2YV6izEk8339KSIBaozBlMFpw5x5DLnGz5dM3Dpa05Z1TQ2C6oZ88rM3D4B6G9qPPeGA8d1Lhw1X7WwWRhikqN%2BKX%2BOQ%2F%2FzlwrgXMdxaYn%2BC6mfaQzUzulgc4c8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7c6682d4acae0ea9-AMS
expires
Sun, 12 May 2024 05:41:11 GMT
scripts.js
retakebr.com.br/wp-content/themes/mercury/js/
3 KB
1 KB
Script
General
Full URL
https://retakebr.com.br/wp-content/themes/mercury/js/scripts.js?ver=3.9.3
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de6a280187f35a8ed90567418aafe24eeae8e60a3a83ea0a7e18f7c4e168529f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 27 Mar 2023 19:26:50 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qStEpB4l%2BXkON7EgTIren15KPf%2Bdt2cyC9j6smoY3HGGtEEQd5GUi8puBG8S1ZzWRyJIfuV1kfJYBqJGsL2qAXlSsDmyIEFMgjo0RdwQVaadBuBx4XPSesgyR5VojlkqVQE0l2jwyNG%2F5%2FCP7dY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7c6682d4acaf0ea9-AMS
expires
Sun, 12 May 2024 05:41:11 GMT
23b8c66013.js
kit.fontawesome.com/
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/23b8c66013.js?ver=5.15.4
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e3c90f680934dbc839cb5833ef8d9c564b9b8fede36556aa9ff5763e68638bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
strict-transport-security
max-age=31536000; preload
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
50
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray
7c6682d50be00b6c-AMS
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F1xpef3SyX10rNkAGSDI
style.css
retakebr.com.br/wp-content/themes/mercury/
102 KB
15 KB
Stylesheet
General
Full URL
https://retakebr.com.br/wp-content/themes/mercury/style.css
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/wp-content/themes/mercury-child/style.css?ver=3.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7a6484d1d091d289e949e33fd65472c22e145f2420dc3f6a003810d1c0412b1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/wp-content/themes/mercury-child/style.css?ver=3.9.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 27 Mar 2023 19:26:50 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53O98zvUwIxxbFwC9qGZ4zRYeZkccOLquzyI7%2FBjwHdwI9jDNAWUW4xxHaJKbCq0TjZJZy%2B6EdUB9Gw7VvcJjSzw%2B%2FCAVJl6UXUyCXx2MvHXpqKdBEZuEYEKcuEJFHcU6MdcC%2BnjrA%2FqIJOthiU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7c6682d24b2f0b5a-AMS
expires
Sun, 11 Jun 2023 23:41:11 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de698f771f908f6249a14b16e6c5e46c7bb7fd7477be0d48253a6c27481eb7e6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin
https://retakebr.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1925561
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76764
last-modified
Tue, 16 Mar 2021 19:29:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60510736-12bdc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qc827ZI2ONM26Sa4bmWRi%2BpzBtZW%2FiXmem8XvcpSl%2F9NDlo%2FLJ6Hlb4XcrnY2rid%2Btf1OC2X0Ah7ZSN0hmK9dAIb6VtFrQfe06CwMwALieko3%2BznYGw7jlXzgbbjDV3lYzkkCHll%2FlsHLvet%2BXmuyOBQ"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c6682d4fbb40a4b-AMS
expires
Wed, 01 May 2024 23:41:11 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/
76 KB
77 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin
https://retakebr.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
353777
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78196
last-modified
Tue, 16 Mar 2021 19:29:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60510736-13174"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0SsFXIIuO%2BDB%2BudcilMyf1KsBZm8rRnklutoxZXgTZX3lbkoB1HE%2F8i1abrvJ%2B%2Bht3rUXP%2BvOqidDrtDxsM1DFLpA%2FQgm0%2FGB5XQpBbBhNJmTmxlf7IJrc%2F0E1xk7bl43p8CbfrlGjHBrIZeW%2FBCZZy"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c6682d4fbb20a4b-AMS
expires
Wed, 01 May 2024 23:41:11 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/
13 KB
14 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0fefab783abd19bc1b6c4f9dedd620764d243d141165603c77bb5152c231c0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin
https://retakebr.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:11 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6725511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13276
last-modified
Tue, 16 Mar 2021 19:29:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60510736-33dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUh0XFfSTactWit2VlU2uf2n7S6Sb6E2jKdPectpbKI76LlmMwoe1Sclx3B4KbPHoYsLwWQHgo8LuiKhjQBZ%2FQ8qIe0NJY4x4vaNO6qS%2Fsx2PraPjT%2BINbVdQP1WDrxlfDjcMUrYIUdKOzxMtQR%2B1BFn"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c6682d4fbb30a4b-AMS
expires
Wed, 01 May 2024 23:41:11 GMT
m4a4-howl-antes-depois-capa-450x450.webp
retakebr.com.br/wp-content/uploads/2023/05/
31 KB
31 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2023/05/m4a4-howl-antes-depois-capa-450x450.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
896cc33d660e698e660a9f859df0cd73cfb694eddda138a61c8210b8d1b4be56
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31466
last-modified
Fri, 12 May 2023 21:41:19 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZ7WA6jpxPIrd5gx2rXlUxN9x30Gitexe3ppguJoDwZJkHdN8XV5SxDpgSgnoOwzs3x0DUXz43lxpX2FdJli6GgnP68dRJdkONLI4vRlcmpmf1dLwKafgOJrHn2Fb1nWlDY61THZiWpPcU8Ro3c%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fce60ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
monte-vence-pain-eliminada-major-450x450.webp
retakebr.com.br/wp-content/uploads/2023/05/
18 KB
19 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2023/05/monte-vence-pain-eliminada-major-450x450.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
308153511f076016aefcf5f60d1b84ffac9e377f19af236e00914f1ced4a5f9e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18414
last-modified
Thu, 11 May 2023 21:46:05 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhYpJbZ83rlkUzqF6WAzwsHS0fd%2B2oeTHrVGV%2FBzrTF5cw6FLylvNl0vLK3AGTzk12hOSK%2F8Nxcj5UU3UcUIFT%2Brum8wQCFqqby3Xuep8eFG97jK8HRKcZgfTIlT541hBQ1pM%2B4mHa7GO8eGRE4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fcee0ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
fluxo-csgo-450x450.webp
retakebr.com.br/wp-content/uploads/2023/05/
20 KB
20 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2023/05/fluxo-csgo-450x450.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bf473dd0c202f9f1357694a4685cbc621506354626c284f860d53eef926cf03
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20016
last-modified
Tue, 09 May 2023 19:49:03 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTzt4ukl2CquZS9cDpfLP5af3Q9zxkB%2BH0Zs4LsNv3G%2FJNILHtXovKMuYeWgWDwHsHtKQ2Bp2Scrxnp8B%2F3Z89C0MYrcZ4Xm29binBkydurd8x7YgOQ5EPon7d9kDbKIke9HF3Dpiio0%2B0JZ%2BWQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fcef0ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
pain-vence-complexity-major-paris-2023-450x450.webp
retakebr.com.br/wp-content/uploads/2023/05/
24 KB
24 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2023/05/pain-vence-complexity-major-paris-2023-450x450.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
271a49663426fc5110b4d5c0f396dbc4988e082ca598f7f5e08d5887ba2f310b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24200
last-modified
Tue, 09 May 2023 11:41:17 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ctInYYOf1vn%2BwDl2cqLVJNj5yWq%2BS7JAu8WhhW6OktE95pzyu9ycaTqxjcz7w8d3N%2BsJGMAI5X%2Bfi%2Bl9104PvYuO5V2bohAiuRK36m3WrrlwFse3wbDpj9f0GCHKIcoYvFG8crbWoeevCdjPkg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fcf00ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
fluxo-perde-mais-uma-major-paris-450x450.webp
retakebr.com.br/wp-content/uploads/2023/05/
16 KB
16 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2023/05/fluxo-perde-mais-uma-major-paris-450x450.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c741990e3c9401fa2423c96a4e0cb0918b9c95d79a4e540a918d53cd6c55a8c0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16080
last-modified
Mon, 08 May 2023 19:56:59 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HvsjkWSKEHKyblRHAuxff05gjqkdw5Af9Z8KKLOUX8XK5i5YQom7U8x9ycgfFpIqX6OrRVE5QQgpQ0yYpmGv9h%2BJp%2FKKLEKOitt85YH3lu4YFldx%2B25IQrYPvzEB6je53Noqk1E8IkXPgKtTrI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fcf10ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
pain-gaming-perde-faze-major-paris-2023-450x450.webp
retakebr.com.br/wp-content/uploads/2023/05/
20 KB
20 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2023/05/pain-gaming-perde-faze-major-paris-2023-450x450.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32afa04027dddbad973f85fde896b2f0862dafc7419da5079fba45c1b0cdd51f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20218
last-modified
Mon, 08 May 2023 17:53:17 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RqqR6Q%2BnJfH5l%2F3Sxv8CXQqR9n%2BnSQN7vc9A9XepGbIonOltI23efEwlUfn9watuDapVHV%2FMFkdL2C3UXIoGoBeMtHx4RuDGHq7zJiZxf551kbrNeA82RYrNSCeFhAEZF9UIXefHSoMNgAFqnE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fcf20ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
pain-supera-fluxo-major-paris-2023-450x450.webp
retakebr.com.br/wp-content/uploads/2023/05/
38 KB
39 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2023/05/pain-supera-fluxo-major-paris-2023-450x450.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3a699fca36b592acab0015147688e1c8ebb3bc894d9361330b496753b276df8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39334
last-modified
Mon, 08 May 2023 11:59:38 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aTqkETL5G%2BdH2JQXFKOvv%2FgOsBUmmPBfdCJ809wf516hwbiddWH%2BGbJiNGnyBKQpkC7vGG%2FxuuUfgPAmmqxYXY%2FHY5v3Q5Hc2NEvBZggI%2F1ebt8zbJ7wPKhNRsJc%2BNoVZC4mQK%2FZCYLCu1B6iw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fcf30ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
olofboost-melhor-historia-major-csgo-450x450.webp
retakebr.com.br/wp-content/uploads/2023/05/
28 KB
29 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2023/05/olofboost-melhor-historia-major-csgo-450x450.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e395d416dfd0a2a8b5972609a622bf49d76fbd1b2e4c86277dd5068fe2fffbd9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29012
last-modified
Sun, 07 May 2023 16:57:49 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiqZfll8snwU8ocJ1idIPIRf%2Bl0amUWOM809eHtnG09aOPudI5RxWaVAlYXTxjEYI%2BYPAULUwhtp4YRsPEXG4s2yoYk3EjnPXKXZkCpBxUCbIGZfRMI7iyDcv0XJYY8%2FdxjExv2r%2B5EgMr1wIak%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fcf40ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
counter-strike-2-aspectos-podem-ser-fracasso-450x450.webp
retakebr.com.br/wp-content/uploads/2023/05/
9 KB
10 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2023/05/counter-strike-2-aspectos-podem-ser-fracasso-450x450.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
852966d29668dd7be3e4ea6786c9cb4247541772c0fa4c247b42476fdcee41de
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9350
last-modified
Sat, 06 May 2023 17:11:40 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04odsQoFnj%2B1jMwjsoqtyeIee9qfQUuvB%2BPxyNXxPYLmIz7rGhIuNRS0M0QwXB3O%2FpRRnu76pMNih3xwpIj52QJYIMOgh0RWw4MeGNkM9SfQAo05p%2FJxBDLd0CtO7Ny3ObbCtBnUz06u%2F1lvx18%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fcf60ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
como-aumentar-som-passos-cs-go-450x338.webp
retakebr.com.br/wp-content/uploads/2023/04/
25 KB
25 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2023/04/como-aumentar-som-passos-cs-go-450x338.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b944d9cb4994adb53037b8db6236c81f01cf625887764529fd46a36d8b72d6e9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25410
last-modified
Sun, 30 Apr 2023 21:01:15 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KYFIIUnOlAtDTza9swb9s5yF6WUME8k4YdMZjmICuCHrECCS1UhqpzrhR3eCvL6Sxxo7CnnpzJLpYBi%2Bk%2F%2BE5HUQrZLAvQWfEZKbmTchx7REG5rM2cDsptQbbs6zQjCXDlC2D74xwo5ruQg1M0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fcf90ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
como-trocar-microfone-no-csgo-sem-alterar-no-windows-450x338.webp
retakebr.com.br/wp-content/uploads/2023/01/
26 KB
26 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2023/01/como-trocar-microfone-no-csgo-sem-alterar-no-windows-450x338.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90d7576832821a0cf5e65e08e3a6929066acbb9acbdec4738dec82ee3d6982eb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26522
last-modified
Thu, 13 Apr 2023 22:13:41 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwpyL4N9XXZKlQtjUC9l4SMcxgszo3URO4PhlCKRdn72ZnecK%2F5C2LIz%2BNmsMWYSZx0LAcdOz7passnr4vezdYlKPr6%2FExKP7kk6mFCTnIAL3BEJq562G9wWnef0sP1dzo%2BfsysS99T%2FXLkTWx0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fcfa0ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
aumentar-volume-microfone-time-no-csgo-450x338.webp
retakebr.com.br/wp-content/uploads/2023/03/
18 KB
19 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2023/03/aumentar-volume-microfone-time-no-csgo-450x338.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
483726921f3750500b585e5aa13db1ec1a46147ad86d06fbc6b2350eb72b3703
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18738
last-modified
Fri, 21 Apr 2023 16:37:37 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjU5xGJOOiH8Pcmi8x%2FLWomHFgmatykw8Lz8kR5oMCXPRywp09vWG9Gw1GjaUFEFHEC20hCfxqksB9exXbjaMHw7AscMy7k%2BUXfF%2FXtX0zT3lGok5TKOa6zRtzhvsOq6qdLOw3v8Pax4CV2DkRk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fcfb0ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
desligar-musica-csgo.webp
retakebr.com.br/wp-content/uploads/2023/01/
8 KB
8 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2023/01/desligar-musica-csgo.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bf77546bc9628aa693ac5ea212bf8b326821fe39959d50bda9f9d045f5e5c6c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7680
last-modified
Mon, 23 Jan 2023 21:36:23 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZKHAA8On31k3mnnFIQgZE%2Bum3rUyan3%2BO9fwevIFAkFpBExXabrcYQO8WMa%2BiDR5Gg%2FH9vdgzUsV2vJfZgUL31aKGBLxoYLe%2B7cJOryALInhdrHmDduJmbCi9tW8%2B3drin0IPd1j0BKjfQpVQc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fcfc0ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
audio-background-csgo.webp
retakebr.com.br/wp-content/uploads/2023/01/
8 KB
8 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2023/01/audio-background-csgo.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71f45fa39b9e00c82913d3a7a044af7536baba93519cc84ccfd346c4895cb2f1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7788
last-modified
Mon, 16 Jan 2023 23:19:59 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1sOrJmO1fAMWslAh6VSnYTKKXPxKQSKgR6g1nmLWidWhxgefUWZdH9ZsPldKCYtUf%2BR%2FSCl6%2F7Q%2FDsa6iDWrMMxS2igZmCLJ%2FM%2BfQ4swDv724WijdGZPwmGeY%2BHDSuKcBtXOb9vOyOxPXvMdRMY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fcfe0ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
falar-cs-go-mudar-tecla.webp
retakebr.com.br/wp-content/uploads/2022/09/
7 KB
7 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2022/09/falar-cs-go-mudar-tecla.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05d34e3820421019e1d3b4ad2ba7d03f0a0a74f94664f4393cc07730c8f7abbb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6932
last-modified
Sun, 15 Jan 2023 18:08:36 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66C%2BguJChKfZskFXDiUQsm%2F%2F%2BxUFRzdipojN3RnOkwe6c2V9GZQ5QMmRAmavdbb%2BD0yK4CUiFY0NpDallRCS2BY%2FXqC3cYO7AZ0kp1xO5nuh9XiycJ1%2FWslBK0mLNmE6oz5NauCggaHQyxneo7k%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fcff0ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
soltar-bang-pular-csgo.webp
retakebr.com.br/wp-content/uploads/2023/03/
31 KB
32 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2023/03/soltar-bang-pular-csgo.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de6b6cb1a984b0e3418ec8185b8ad7df7c97ea54897f2061da48e9e972f5562d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32140
last-modified
Sat, 18 Mar 2023 20:02:54 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsbWU00T9Q2GMGCzrO6UQd0DMhFnVOWwvYyn06Kpwrre7tT5Oa11FGCZnBBJc5UceBy0ibj5I0esyO0G54%2FgMa2wTel2Q10kJ8L6aDRkD1%2F4OIYRcw9YRd8%2B3a%2BkM4fHm2bviySVQeOn94t18PQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fd000ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
como-salvar-executar-cfg-csgo-450x338.webp
retakebr.com.br/wp-content/uploads/2023/03/
18 KB
18 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2023/03/como-salvar-executar-cfg-csgo-450x338.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcea90dfd1c1d7d57e77b5317974a45b1856500e8d786e4b847298fd59ca1024
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18026
last-modified
Thu, 04 May 2023 02:43:33 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gukiDN%2FNOzbuIKeaSqtUiMZFCEcpGR%2Ff8fpFeKsD%2Fc5EMoXeso60xwAteGD2ZFLd3dL8YeoFm9m1TXk%2FYvbbBqE6Sf%2Bv8tvQ9wjXqFe3IeptuGsnhGArpn6YAvJGo%2BWUOqzVtDXMERWedoyQa2o%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fd020ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
comando-auto-kick-cs-go.webp
retakebr.com.br/wp-content/uploads/2023/01/
8 KB
9 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2023/01/comando-auto-kick-cs-go.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2df9f992edf7d3f27925721d4a1a36948fff0ae353161cd6dc2bf1c36c9b091f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8594
last-modified
Wed, 18 Jan 2023 04:35:54 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiFyFV6%2BYjAFCp4FO5u7V7CsLrZJoo3TZEuvUxcG0VGLHUxApBGtkKwZb7thtz6bDs09xl09hN%2FalC4UsAgMONCUzYMld1Y7ELInOlJ9miaYzuQ9iYtfPOrFlj9SVi8JyNEKoaYyfxTet3MSlDA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fd040ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
alterar-posicao-arma-cs-go.webp
retakebr.com.br/wp-content/uploads/2023/01/
17 KB
18 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2023/01/alterar-posicao-arma-cs-go.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fcc2befcec256bcdd3d1eeabca1b401002665ddb249e467cbd7fbcc0eaa4bfe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17884
last-modified
Fri, 13 Jan 2023 21:44:29 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmHEYEBoHsMdwyLGmH%2FT4trcJNP6xe%2Bjvquq5zhHb%2F3QB%2BBgcc5nZE9QFZ%2FX%2Fft5H3ZzchCY3TD%2BFdJzDuFiC%2BUOGVLbZkQhGF5lvQmywlxfNdAuJJ2me9n9cpJNi4MowRv5HMsPVBJAG20crqU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fd060ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
alterar-mira-csgo.webp
retakebr.com.br/wp-content/uploads/2022/11/
7 KB
8 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2022/11/alterar-mira-csgo.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00d95d227b9bd0dd83e85e3d500df081df39b06ede70693bf1d6947b00f510a4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7204
last-modified
Tue, 17 Jan 2023 00:11:43 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgIJixELNfM0RbE78JL7i4RtFylTYBWaCnsrjhTSGalAkRDTLpmNOrzvtDq3j8UytcIyyxFY4AkxgFKHw2i5bG4uEAicUYHFk4l73YTNgi0OmUCmu1mKU1w1xCMZPs2n45pgC3wFMdY0NCigEqA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fd090ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
aprenda-ativar-comandos-faca-csgo-450x338.webp
retakebr.com.br/wp-content/uploads/2022/10/
15 KB
15 KB
Image
General
Full URL
https://retakebr.com.br/wp-content/uploads/2022/10/aprenda-ativar-comandos-faca-csgo-450x338.webp
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4478b0cc063a5f2d2a75a157441109535f517fbaadf2040b80899eb3b3e9c697
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15218
last-modified
Sun, 30 Apr 2023 12:12:47 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fhk2poCex97%2FFwZBeZvWluIq%2B2wZAJxRiEzgggHkvFYLKhVrsTaBCkcIoZdY6yRqn6zS6rs%2BHOhkvingSXigTNDVQ1qmuJtLXMHojN51xh2VVqOADiS6K324sXld%2B4jVf4iYPZzoZy5TCMYE3FE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c6682d4fd0b0ea9-AMS
expires
Sat, 11 May 2024 23:41:11 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
59 KB
13 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=23b8c66013
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/23b8c66013.js?ver=5.15.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:640a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
via
1.1 d5eb9a3c77e185d15862aa8fa0e3c8f0.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AGooOUc7H0FRXX6LrAp8jRzSi3T9194hq9LRr1pbRI9fMJSh9cqdXLXXxQ%2BggdP0h9cEkXwsDw0fBX0NsNDoft%2FI14EptlNRqmEuoi5AfidxY6aWjL7iCrVs0gasbYhtDBr4qOaNuIF3Qj%2BBBpdR0obrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7c6682d6bed70b4e-AMS
access-control-allow-headers
fa-kit-token
x-amz-cf-id
R8vzVA6QCqW9SqCOydh6_15EEjqxoEBfmALrRhZKXQs2yPkU62QeYw==
collect
region1.analytics.google.com/g/
0
254 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DY10Q8W48M&gtm=45je35a0&_p=748267028&_gaz=1&cid=1104410562.1683934872&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683934872&sct=1&seg=0&dl=https%3A%2F%2Fretakebr.com.br%2F&dt=Retakebr%20-%20Portal%20de%20Not%C3%ADcias%20de%20Counter%20Strike%20e%20Tutoriais%20CSGO&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DY10Q8W48M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 23:41:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://retakebr.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
254 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DY10Q8W48M&cid=1104410562.1683934872&gtm=45je35a0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DY10Q8W48M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 23:41:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://retakebr.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
408 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DY10Q8W48M&cid=1104410562.1683934872&gtm=45je35a0&aip=1&z=189348556
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 23:41:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/
356 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3637999307044405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7359b7a9e1c457a32c5d58a0e5edcccb4dd192218baca38074c455cd09c30046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122694
x-xss-protection
0
server
cafe
etag
745459719489444277
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 May 2023 23:41:12 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/ Frame 60FA
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3637999307044405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://retakebr.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
69029
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 04:30:43 GMT
etag
15057649708203361565
expires
Fri, 26 May 2023 04:30:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
75 KB
75 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:640a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer
https://retakebr.com.br/
Origin
https://retakebr.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
via
1.1 c24bf4c03d36f2d43fb38710581fa0e6.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76736
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaRJxPHjWXOCR3auYNCtBpAriplR0GWdphxugL3VVRbsJ3ymdz0NrR1MuNpIZeCTmbjSJkg0O6Vzpw8jrcDtxotIKBf77UzsrBsmFkWDVwUvLdX4yttv7aDe34eRTTJTqufimGpyuLiohcGbIpfykl4H5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7c6682d72f2f0b4e-AMS
access-control-allow-headers
fa-kit-token
x-amz-cf-id
B8x6K5OgCBQbxE0YfeMgFCZRxXcyLPFdtlzvOFaK7M03WKOr6gCQEg==
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
76 KB
77 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:640a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer
https://retakebr.com.br/
Origin
https://retakebr.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
via
1.1 2d8216898001f8ce3fde38c8796d2fa6.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78168
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZkHo7dj2ib2WPszih7gi1LKGMJMNJS%2FDZ%2BHOezINmsZf%2F8z8qmwWdzZXBcajdpMb8Jm%2B40TfY%2BFtAimwyQo26r3cgKyxN18Vn263bTj3qKq1UxWctS7pjfhyZfFoyU%2BqZfmAsQLcTVtS995ozcze3Vcrg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7c6682d72f300b4e-AMS
access-control-allow-headers
fa-kit-token
x-amz-cf-id
v0O3NSr3zuzqFFe1xcCfhabHl9HVUkpVOuI-VK16MC67dICad8s2fA==
free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
13 KB
13 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-regular-400.woff2
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:640a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b

Request headers

Referer
https://retakebr.com.br/
Origin
https://retakebr.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
via
1.1 0561454d7fe07544e19cf11609a0f13a.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CPH50-C2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13216
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"b8f1c6a3a94d42b082c29f0b1db8ba95"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCFqNv5EIUW3YqEC0HOx8a96h2Kp6I6iVOdv25p6z%2FlpTQzxPflDb6yOkLwCn29osMDiN4chDK%2FBAdPVOEr%2BDHwXEh%2B9yZwRO8vl64ZcETAcjaKB%2FHJ5MUE5ZiWz0HRh%2B9QSo1DHgsUOvrIAU%2BcwJ1qbew%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7c6682d73f400b4e-AMS
access-control-allow-headers
fa-kit-token
x-amz-cf-id
L7zgMnO10uB7nT7VxwA4S4MjHJhLOc-Aw17U_OUs4wtTHrtg38abiw==
cookie.js
partner.googleadservices.com/gampad/
397 B
607 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=retakebr.com.br&callback=_gfp_s_&client=ca-pub-3637999307044405
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4611db068092557973310773d1748cf6054961d7a28bb6da21cdc5d04e374648
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
integrator.js
adservice.google.nl/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=retakebr.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=retakebr.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AD7B
419 KB
68 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&adk=1812271804&adf=3025194257&lmt=1683934871&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fretakebr.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934872124&bpp=7&bdt=786&idt=362&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=851783795832&frm=20&pv=2&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=388
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2558724cd2a802cbd32bc25f6546db6c02190e62d599117a56ec3756af6736d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://retakebr.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
69021
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 23:41:13 GMT
expires
Fri, 12 May 2023 23:41:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F4FE
127 KB
39 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.2059847078~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934872131&bpp=2&bdt=794&idt=388&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZterPBLm0v&p=https%3A//retakebr.com.br&dtd=391
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce58110c734d66db9e2368c2b84011e2c65f324bec1fb0e3476c3c071d488e5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://retakebr.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
40054
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 23:41:12 GMT
expires
Fri, 12 May 2023 23:41:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame F4FE
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.2059847078~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934872131&bpp=2&bdt=794&idt=388&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZterPBLm0v&p=https%3A//retakebr.com.br&dtd=391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 May 2023 22:04:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 May 2023 23:41:13 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame F4FE
2 KB
846 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.2059847078~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934872131&bpp=2&bdt=794&idt=388&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZterPBLm0v&p=https%3A//retakebr.com.br&dtd=391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:04:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
20212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:04:21 GMT
data=D3LaKX6QiswYoPiisZ_Nl3mt4ZitJmUocE2YuEjcGMvtoxI86hD5UvqqDPEJfq9CGX0E93NE-_tFSZnHpGskTg
mts0.google.com/vt/ Frame F4FE
0
0
Image
General
Full URL
https://mts0.google.com/vt/data=D3LaKX6QiswYoPiisZ_Nl3mt4ZitJmUocE2YuEjcGMvtoxI86hD5UvqqDPEJfq9CGX0E93NE-_tFSZnHpGskTg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.2059847078~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934872131&bpp=2&bdt=794&idt=388&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZterPBLm0v&p=https%3A//retakebr.com.br&dtd=391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

truncated
/ Frame F4FE
297 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F4FE
336 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F4FE
462 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F4FE
465 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
googleads.g.doubleclick.net/pagead/ Frame F4FE
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CKZnPmM5eZPeuIo7y3wO6xo_IAveDsftq3JLBjNwOtszmrYkCEAEgtITxVmCRhKCFjBigAYWvsOQByAEJqQK4Sb-1M2eyPqgDAcgDywSqBPUBT9AMKpgD7yhxoJl4ZuQi3sENc3b2CF7dKuZYbps0oApoLv4wQpr3mN4LFjI5aYUTksyvA-SCJ9FXtpniPtIzP9g0zMzdtcLvVjz4fLm-e8zEr454ZGaWiEKYWi1OrLEHc9AZIGDpaAin7Lx3a3FQXl79hHqC1U9LAALX0pZj7iecZ6sYdGALQTqRIXKOA-4OTrQznhIBpn-5yucbTYXUqiB8T9svRYwaotTNQTW5cjG--6vWqpGDkCz0qHq3ixeTmQ_fbx6bTtgH4IwY6qt1CsJcYaQJtZjzZDNOsPAstKJf87LwvLtcBnpupDvFx18A9iAX4kLABLDDnuvqA5IFBAgEGAGSBQQIBRgEoAYugAfj0M-bAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPOlatIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwG4E4gE2BMK0BUBgBcBshccChoIABIUcHViLTM2Mzc5OTkzMDcwNDQ0MDUYAA&sigh=MmBLSYJZ08A&uach_m=[UACH]&cid=CAQSGwBygQiDdy-xrp5hbMbUwlAMPSho2jnhvVaL5RgB&template_id=520
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.2059847078~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934872131&bpp=2&bdt=794&idt=388&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZterPBLm0v&p=https%3A//retakebr.com.br&dtd=391
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.2059847078~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934872131&bpp=2&bdt=794&idt=388&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZterPBLm0v&p=https%3A//retakebr.com.br&dtd=391
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 May 2023 23:41:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 23:41:12 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame F4FE
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.2059847078~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934872131&bpp=2&bdt=794&idt=388&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZterPBLm0v&p=https%3A//retakebr.com.br&dtd=391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
20232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8754
x-xss-protection
0
server
cafe
etag
1905752258753453817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:04:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame F4FE
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.2059847078~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934872131&bpp=2&bdt=794&idt=388&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZterPBLm0v&p=https%3A//retakebr.com.br&dtd=391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 22:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
5245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 22:13:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame F4FE
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.2059847078~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934872131&bpp=2&bdt=794&idt=388&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZterPBLm0v&p=https%3A//retakebr.com.br&dtd=391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
20232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:04:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F4FE
169 KB
53 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.2059847078~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934872131&bpp=2&bdt=794&idt=388&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZterPBLm0v&p=https%3A//retakebr.com.br&dtd=391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 23:41:13 GMT
a0d8c68f3de0718362c8759993c4ce7f.js
www.gstatic.com/mysidia/ Frame F4FE
32 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.2059847078~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934872131&bpp=2&bdt=794&idt=388&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZterPBLm0v&p=https%3A//retakebr.com.br&dtd=391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 20:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13639
x-xss-protection
0
last-modified
Fri, 12 May 2023 20:16:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 10 Aug 2023 20:46:22 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/
151 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5a035e87e279f5e5c2ab1c68a8175652f35bc9e43060f17bed7647677e7a38f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52439
x-xss-protection
0
server
cafe
etag
4301805808165774292
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 May 2023 23:41:13 GMT
integrator.js
adservice.google.nl/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=retakebr.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=retakebr.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 80F6
97 KB
35 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f3627ec514d1bb95155f45526860b90fe4ff34264d839baf0d70f9ffdc0efbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://retakebr.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
35417
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 23:41:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F4FE
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01a8c0a72b01c4958f09c4ad2b34aa6f878ff6d3438c1c900d464eab294aecab

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.nl/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=retakebr.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=retakebr.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame E7E6
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://retakebr.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
7569
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:35:04 GMT
etag
15057649708203361565
expires
Fri, 26 May 2023 21:35:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame 7572
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://retakebr.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
7569
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:35:04 GMT
etag
15057649708203361565
expires
Fri, 26 May 2023 21:35:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame EA9F
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://retakebr.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
7569
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:35:04 GMT
etag
15057649708203361565
expires
Fri, 26 May 2023 21:35:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame 79F0
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://retakebr.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
7569
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:35:04 GMT
etag
15057649708203361565
expires
Fri, 26 May 2023 21:35:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame E7E6
4 KB
744 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 May 2023 22:33:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 May 2023 23:41:13 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E7E6
205 B
518 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:02:37 GMT
x-content-type-options
nosniff
age
2316
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 11 May 2024 23:02:37 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E7E6
604 B
694 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:02:09 GMT
x-content-type-options
nosniff
age
2344
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 11 May 2024 23:02:09 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/ Frame E7E6
12 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2c6f2f2a1c52ce023f0413c31d546e0cac1132c7bd622469251e3819b9561d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 20:06:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
12857
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5515
x-xss-protection
0
server
cafe
etag
11908440479882454735
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 20:06:56 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/ Frame E7E6
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fbe329e68d02bf400d47f86bb2728739171c2aec4abcba995d7467f0f62cf8ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:11:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
19813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8020
x-xss-protection
0
server
cafe
etag
10981734531507917325
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:11:00 GMT
643803389b4291437ab49883
c.bannerflow.net/a/ Frame FBB7
70 KB
23 KB
Script
General
Full URL
https://c.bannerflow.net/a/643803389b4291437ab49883?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC9BvTmM5eZJLoIpeiywWkjZ2wB_jO74Vw07Da28cR-uC_oNQBEAEgtITxVmCRhKCFjBigAZGV4vkDyAEJqQK4Sb-1M2eyPqgDAaoE5gFP0Oj_opzBgySng7alZvV38F9Wh7Wwj0sktmdNDy6NcUIEZoTmu1kvtAOM_Zsf_xNGkjNgCUfhogmq01wwMJiTUkZAWRT9Bxrjo93-hecaRe_btsKkFmF2I64oLVb8S64i_ztqsmsk-D6fkgQVGObyOxfnU9CXrwS_ypzurqO7225fMVcaU8VC0_bBqjWVyw3a1FLCd5wXZs6qnDm5JRbK3YNJBCKPF5kwgQE-r-L3PaRRuaBqJA0iQXhON5HaKLN3EP7vkQUq1hvSnHzxq-RshZkzeNwU1KzdiGfhdG88ixwZyam8r8AElce06ZsEoAYRgAfX6p0GqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%26num%3D1%26cid%3DCAQSGwBygQiDGDOECjHh7ET4Cf9f-OJxCOjjC-PD1xgB%26sig%3DAOD64_05dL8Hu5dpgApcF4YXP23bFMX_tw%26client%3Dca-pub-3637999307044405%26adurl%3D&cb=913372724
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d1723de4a245b584a7c3c0e71ee239a70d998877a8ede5ba67eaea2613495cd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 12 May 2023 23:41:13 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
7c6682de783c0eaf-AMS
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame FBB7
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c10d63d7b41288794e705ce2cdb67caccbd96fe9ecd46c33aa47698be28a227e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:07:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
20040
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13484
x-xss-protection
0
server
cafe
etag
15319064171597158994
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:07:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame FBB7
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 22:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
5245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 22:13:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame FBB7
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
20232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:04:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FBB7
169 KB
52 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 23:41:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame FBB7
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
20232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8754
x-xss-protection
0
server
cafe
etag
1905752258753453817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:04:01 GMT
643800339b4291437ab49825
c.bannerflow.net/a/ Frame D03D
70 KB
24 KB
Script
General
Full URL
https://c.bannerflow.net/a/643800339b4291437ab49825?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCDHMGmM5eZJPoIpeiywWkjZ2wB_jO74Vw46Ta28cR-uC_oNQBEAEgtITxVmCRhKCFjBigAZGV4vkDyAEJqQK4Sb-1M2eyPqgDAaoE5gFP0B--aVMMqsRQUjePNyfCnHFI9qQKKA1YwgTQ6CgWQTZgtNjvjoxNUvwhuA-MxKaaB48_enwbEZgEZ0XpoGrSNau5oVi0-cWE6KDbVH9PzKtManXSAo0fZJKZ9oIrwLKqAF7j1lMqkkz8pHgcTvARTfxEh98mH_Nw-dgHoVzVoKKFOlesZ6a73z19Rf7nw9Jo-DoATBan8lsW0C58-KucI8rMauKaeYFGGpd8i02Hdqx1ZQ0Fc_q0PnKEWJBgLsVFamaYLkc-5EWEUdFYV1YNeHFnhYCUrOXO7dl8HQXlVz7UFmos_sAElce06ZsEoAYRgAfX6p0GqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%26num%3D1%26cid%3DCAQSGwBygQiDGDOECjHh7ET4Cf9f-OJxCOjjC-PD1xgB%26sig%3DAOD64_2MWyW_H6-ZFhwq6NpFGQ33Lgh-Pw%26client%3Dca-pub-3637999307044405%26adurl%3D&cb=338831000
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a0e4beb7b9fd615db9ece2f4ef434554ff39b506670bf7437200ccb11ea576a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 12 May 2023 23:41:13 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
7c6682de783d0eaf-AMS
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame D03D
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c10d63d7b41288794e705ce2cdb67caccbd96fe9ecd46c33aa47698be28a227e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:07:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
20040
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13484
x-xss-protection
0
server
cafe
etag
15319064171597158994
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:07:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame D03D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 22:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
5245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 22:13:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame D03D
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
20232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:04:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D03D
169 KB
52 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 23:41:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame D03D
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
20232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8754
x-xss-protection
0
server
cafe
etag
1905752258753453817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:04:01 GMT
css
fonts.googleapis.com/ Frame 79F0
6 KB
779 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 May 2023 22:32:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 May 2023 23:41:13 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 79F0
2 KB
799 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:04:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
20212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:04:21 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 79F0
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
20232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8754
x-xss-protection
0
server
cafe
etag
1905752258753453817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:04:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 79F0
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 22:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
5245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 22:13:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 79F0
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
20232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:04:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 79F0
169 KB
52 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 23:41:13 GMT
a0d8c68f3de0718362c8759993c4ce7f.js
www.gstatic.com/mysidia/ Frame 79F0
32 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 20:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13639
x-xss-protection
0
last-modified
Fri, 12 May 2023 20:16:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 10 Aug 2023 20:46:22 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/12814714237495929592/ Frame 79F0
23 KB
23 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12814714237495929592/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e447e19629ac67b14836fa86c5e0819a3f5484112ffc75211602e063032a875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 10:04:44 GMT
x-content-type-options
nosniff
age
567389
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23788
x-xss-protection
0
last-modified
Sun, 01 Dec 2019 21:04:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 05 May 2024 10:04:44 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/3350546711512646747/ Frame 79F0
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3350546711512646747/14763004658117789537?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b892e5365731fa49bd6601be4692de7336e7d0013ab6111ef961a11620cfe74f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 01:16:24 GMT
x-content-type-options
nosniff
age
599089
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2069
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 09:55:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 05 May 2024 01:16:24 GMT
css
fonts.googleapis.com/ Frame 70A9
9 KB
932 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 May 2023 22:31:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 May 2023 23:41:13 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 70A9
2 KB
765 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:04:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
20212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:04:21 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 70A9
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
20232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8754
x-xss-protection
0
server
cafe
etag
1905752258753453817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:04:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 70A9
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 22:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
5245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 22:13:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 70A9
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
20232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:04:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 70A9
169 KB
52 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 23:41:13 GMT
a0d8c68f3de0718362c8759993c4ce7f.js
www.gstatic.com/mysidia/ Frame 70A9
32 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 20:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13639
x-xss-protection
0
last-modified
Fri, 12 May 2023 20:16:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 10 Aug 2023 20:46:22 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame F4FE
29 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 05:24:40 GMT
x-content-type-options
nosniff
age
584193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29728
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 16:59:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 05:24:40 GMT
css
fonts.googleapis.com/ Frame 80F6
6 KB
706 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 May 2023 22:31:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 May 2023 23:41:13 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 80F6
2 KB
765 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:04:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
20212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:04:21 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 80F6
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
20232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8754
x-xss-protection
0
server
cafe
etag
1905752258753453817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:04:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 80F6
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 22:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
5245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 22:13:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 80F6
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
20232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:04:01 GMT
l
www.google.com/ads/measurement/ Frame 80F6
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQh42z4eIu8dmOALh-hoB6VBmCdoXNDHjgJtDsRlXjc8F8ia7ISiYJzKmZpmkqeVccSYTJ33_B9NfLvpEohAQFhPUXm5w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 80F6
169 KB
52 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 23:41:13 GMT
9d5f24412120a376f470376f2f2984aa.js
www.gstatic.com/mysidia/ Frame 80F6
32 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 14:34:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
291992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13623
x-xss-protection
0
last-modified
Tue, 09 May 2023 14:00:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 07 Aug 2023 14:34:41 GMT
08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
pagead2.googlesyndication.com/bg/ Frame 2ED2
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.2059847078~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934872131&bpp=2&bdt=794&idt=388&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZterPBLm0v&p=https%3A//retakebr.com.br&dtd=391
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 06:25:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
62139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14732
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 06:25:34 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 80F6
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cqlhpmc5eZPvhCIOv3wOOsb7gBOu71KxwxPv8qZ0M2tkeEAEgtITxVmCRhKCFjBigAa6YiqICyAEJqQK4Sb-1M2eyPqgDAcgDywSqBPIBT9AiPRnoqZVPYh-zbskGH9gHXcXNiXUNG4TwvYY_qUJBk7NiUjJZqs6Kn02ZWthCdcmtYBj_4Uv7INK_4bBH-FCENfAuCjdMnpJaTNeE4Olilx9xW_hBa8Vf7nKjhwQ_5bBo3zzgSatTg7wYyMrEyEeRHd7zyVUUXL-AFblIEbVIy1IacFBTehriaynK2qCz3uZaKvmcJEO5bQPj1HFLM6qRsqZA0Uwp5W6coHgHG4wFzyxvVaceO2NK8rYMuGgVOr_M4yOLMy5dbRzKDSJrLHsxZ2EI7qCMfher5aP4wkUKzn-IZTTLzdkznRNx8L94KObABIG-jIWeA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe65_XdAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELGIBNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwG4E-QD2BMMiBQC0BUBgBcBshccChoIABIUcHViLTM2Mzc5OTkzMDcwNDQ0MDUYAA&sigh=Ywayf8sbpQA&uach_m=[UACH]&cid=CAQSPABygQiDpNNkwMswIOUeS4N1Nd7FwGHhfS4QDbodYpX9CUErn0MZK3JZb-LKnoTtRjvrKtBUo6cyBCf1NhgB&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 May 2023 23:41:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/6651195343692795360/ Frame 80F6
19 KB
20 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/6651195343692795360/14763004658117789537?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e26deb1646dfeff6b935aa3c58780ff531ba18ed373b5924bc8bac5acc096961
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:18:47 GMT
x-content-type-options
nosniff
age
462146
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19966
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 07:58:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 06 May 2024 15:18:47 GMT
15334278864553842226
tpc.googlesyndication.com/simgad/ Frame 80F6
7 KB
7 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15334278864553842226?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7158b0ea4f182e9658f45c37ecc1da902babf9afa0a3f92f933ea2838e44694
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 19:03:21 GMT
x-content-type-options
nosniff
age
535072
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7204
x-xss-protection
0
last-modified
Sat, 01 Aug 2020 11:26:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 05 May 2024 19:03:21 GMT
preload.jpg
c.bannerflow.net/accounts/babboe/60239d7c41a39e09dc00fe90/published/4487841/5646478/ Frame D03D
20 KB
20 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/babboe/60239d7c41a39e09dc00fe90/published/4487841/5646478/preload.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7771bb12fdb57bad3f41eeffd998be3f97e09e4acc8f5f635dd1a21ec159e819

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 May 2023 23:41:13 GMT
cf-cache-status
HIT
age
1820412
content-length
20182
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 21 Apr 2023 13:11:29 GMT
server
cloudflare
etag
"0x8DB4269EB9DCBB0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
7f6f4ddc-c01e-0089-629c-7457f3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
accept-ranges
bytes
cf-ray
7c6682df69070eaf-AMS
s
googleads.g.doubleclick.net/pagead/drt/ Frame 96CC
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
1817
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 23:10:56 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
preload.jpg
c.bannerflow.net/accounts/babboe/60239d7c41a39e09dc00fe90/published/4563786/5652135/ Frame FBB7
23 KB
23 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/babboe/60239d7c41a39e09dc00fe90/published/4563786/5652135/preload.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93204fae6916fd3e7ab1a4b36606974a88fc4b20b4a6d98feab94cc6ef3aa765

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 May 2023 23:41:13 GMT
cf-cache-status
HIT
age
1614404
content-length
23256
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Mon, 24 Apr 2023 07:13:12 GMT
server
cloudflare
etag
"0x8DB44935DDDB154"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
b4cd6d1f-101e-0023-747c-7677e5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
accept-ranges
bytes
cf-ray
7c6682df79150eaf-AMS
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0CDA
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
30205
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 15:17:48 GMT
etag
48472445140208031
expires
Sat, 13 May 2023 15:17:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 80F6
207 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9499d1601bfc2e5f5b153012cdede0d5454f1c58c931b94cb6ffd706455bd7ca

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 79F0
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
634acfefc5f8af60b35586b05a9cf560363ae18156ca3c5824c6d7472a93168e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
/
c.bannerflow.net/tr/v2/pixel/ Frame D03D
0
81 B
Ping
General
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/643800339b4291437ab49825?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCDHMGmM5eZJPoIpeiywWkjZ2wB_jO74Vw46Ta28cR-uC_oNQBEAEgtITxVmCRhKCFjBigAZGV4vkDyAEJqQK4Sb-1M2eyPqgDAaoE5gFP0B--aVMMqsRQUjePNyfCnHFI9qQKKA1YwgTQ6CgWQTZgtNjvjoxNUvwhuA-MxKaaB48_enwbEZgEZ0XpoGrSNau5oVi0-cWE6KDbVH9PzKtManXSAo0fZJKZ9oIrwLKqAF7j1lMqkkz8pHgcTvARTfxEh98mH_Nw-dgHoVzVoKKFOlesZ6a73z19Rf7nw9Jo-DoATBan8lsW0C58-KucI8rMauKaeYFGGpd8i02Hdqx1ZQ0Fc_q0PnKEWJBgLsVFamaYLkc-5EWEUdFYV1YNeHFnhYCUrOXO7dl8HQXlVz7UFmos_sAElce06ZsEoAYRgAfX6p0GqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%26num%3D1%26cid%3DCAQSGwBygQiDGDOECjHh7ET4Cf9f-OJxCOjjC-PD1xgB%26sig%3DAOD64_2MWyW_H6-ZFhwq6NpFGQ33Lgh-Pw%26client%3Dca-pub-3637999307044405%26adurl%3D&cb=338831000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 12 May 2023 23:41:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7c6682e059a80eaf-AMS
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
/
c.bannerflow.net/tr/v2/pixel/ Frame FBB7
0
33 B
Ping
General
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/643803389b4291437ab49883?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC9BvTmM5eZJLoIpeiywWkjZ2wB_jO74Vw07Da28cR-uC_oNQBEAEgtITxVmCRhKCFjBigAZGV4vkDyAEJqQK4Sb-1M2eyPqgDAaoE5gFP0Oj_opzBgySng7alZvV38F9Wh7Wwj0sktmdNDy6NcUIEZoTmu1kvtAOM_Zsf_xNGkjNgCUfhogmq01wwMJiTUkZAWRT9Bxrjo93-hecaRe_btsKkFmF2I64oLVb8S64i_ztqsmsk-D6fkgQVGObyOxfnU9CXrwS_ypzurqO7225fMVcaU8VC0_bBqjWVyw3a1FLCd5wXZs6qnDm5JRbK3YNJBCKPF5kwgQE-r-L3PaRRuaBqJA0iQXhON5HaKLN3EP7vkQUq1hvSnHzxq-RshZkzeNwU1KzdiGfhdG88ixwZyam8r8AElce06ZsEoAYRgAfX6p0GqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%26num%3D1%26cid%3DCAQSGwBygQiDGDOECjHh7ET4Cf9f-OJxCOjjC-PD1xgB%26sig%3DAOD64_05dL8Hu5dpgApcF4YXP23bFMX_tw%26client%3Dca-pub-3637999307044405%26adurl%3D&cb=913372724
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 12 May 2023 23:41:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7c6682e069b00eaf-AMS
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
adview
googleads.g.doubleclick.net/pagead/ Frame 79F0
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CGeKrmM5eZJToIpeiywWkjZ2wB5PcnJNw-JOx3JYKhvL0q9QaEAEgtITxVmCRhKCFjBigAcaDi_QDyAEJqQK4Sb-1M2eyPqgDAcgDywSqBO0BT9Biz4alJux7fi8dQ27bZN6qAiH1aEqwypxui-gxFhzMn-r52lLnprPd-8_a7gDCBL6ea0veWH_tRSpdyIbWDhEaQiME9U0bKzlFFNnqe0GWh3fNJCsJaxYi4VQj0FTmc0K3tTxToycEUdK3GdEdTvEQYSqtB4fc-DhQHAR7s3xMa1nQtK6HALGi4zt85Qfl7JOl7my5ToNSwwzpzN9C-iTuq3GI4EdIg8F9-rgjn25TrGtcZ3tcLG5UTQC7HGckaRNUzH1WDwmZr2ZJBj05L2iguusxl3_MhmGl-rJAGpAOXJ3sO0AwUp0-H0z4wASv6YvntgKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHovz0C6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELjLINIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwG4E-QD2BMMiBQH0BUBgBcBshccChoIABIUcHViLTM2Mzc5OTkzMDcwNDQ0MDUYAA&sigh=ro4Eo5y4-2g&uach_m=[UACH]&cid=CAQSGwBygQiDGDOECjHh7ET4Cf9f-OJxCOjjC-PD1xgB&template_id=484&cbvp=2&vis=1
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 May 2023 23:41:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
pagead2.googlesyndication.com/bg/ Frame D6FC
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 06:25:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
62139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14732
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 06:25:34 GMT
truncated
/ Frame FBB7
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1bd0eba4698c0e213cad95edd592bcad5bdef4518e2a3384e1c1540af00f7c71

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D03D
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73a395827e72e48e26d67a368e77f5e7a0ae6cb23fe90baecb93eb6c20c1de0f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 96CC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 23:41:13 GMT
expires
Fri, 12 May 2023 23:41:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 23:41:13 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 80F6
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 15:24:53 GMT
x-content-type-options
nosniff
age
548180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 15:24:53 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 80F6
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:04:15 GMT
x-content-type-options
nosniff
age
542218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 17:04:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 80F6
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 02:06:17 GMT
x-content-type-options
nosniff
age
77696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 May 2024 02:06:17 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame FBB7
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CQoKPmM5eZJLoIpeiywWkjZ2wB_jO74Vw07Da28cR-uC_oNQBEAEgtITxVmCRhKCFjBigAZGV4vkDyAEJqQK4Sb-1M2eyPqgDAaoE4wFP0Oj_opzBgySng7alZvV38F9Wh7Wwj0sktmdNDy6NcUIEZoTmu1kvtAOM_Zsf_xNGkjNgCUfhogmq01wwMJiTUkZAWRT9Bxrjo93-hecaRe_btsKkFmF2I64oLVb8S64i_ztqsmsk-D6fkgQVGObyOxfnU9CXrwS_ypzurqO7225fMVcaU8VC0_bBqjWVyw3a1FLCd5wXZs6qnDm5JRbK3YNJBCKPF5kwgQE-r-L3PaRRuaBqJA0iQXhON5GYKpLlxA1FuPeA__B7vpdw98RmLZMdYArZZY42A5PLWHfqXa4wO8AElce06ZsEkgUECAQYAZIFBAgFGASgBhGAB9fqnQaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCahg3SCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMK0BUBmBYBgBcBshccChoIABIUcHViLTM2Mzc5OTkzMDcwNDQ0MDUYAA&sigh=6qngjQqCXqc&uach_m=[UACH]&cid=CAQSGwBygQiDGDOECjHh7ET4Cf9f-OJxCOjjC-PD1xgB&cbvp=2&vis=1
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 May 2023 23:41:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame D03D
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFkq9mM5eZJPoIpeiywWkjZ2wB_jO74Vw46Ta28cR-uC_oNQBEAEgtITxVmCRhKCFjBigAZGV4vkDyAEJqQK4Sb-1M2eyPqgDAaoE4wFP0B--aVMMqsRQUjePNyfCnHFI9qQKKA1YwgTQ6CgWQTZgtNjvjoxNUvwhuA-MxKaaB48_enwbEZgEZ0XpoGrSNau5oVi0-cWE6KDbVH9PzKtManXSAo0fZJKZ9oIrwLKqAF7j1lMqkkz8pHgcTvARTfxEh98mH_Nw-dgHoVzVoKKFOlesZ6a73z19Rf7nw9Jo-DoATBan8lsW0C58-KucI8rMauKaeYFGGpd8i02Hdqx1ZQ0Fc_q0PnKEWJAiLOTXvpUyB7WUza4tczrZC3YH0HtJnVZZHcclZi1WMR0zgYz95MAElce06ZsEkgUECAQYAZIFBAgFGASgBhGAB9fqnQaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCfkgfSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMK0BUBmBYBgBcBshccChoIABIUcHViLTM2Mzc5OTkzMDcwNDQ0MDUYAA&sigh=oKQeGRFhcD8&uach_m=[UACH]&cid=CAQSGwBygQiDGDOECjHh7ET4Cf9f-OJxCOjjC-PD1xgB&cbvp=2&vis=1
Requested by
Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 May 2023 23:41:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0CDA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDMP39839uuB864UNz6YmtM&google_cver=1&google_push=ATf1kGMSjcxQhg520Bbgze-PH1XS6HUA7gz9uT2gelk7R4CUbKbcnoHBXVwnt2rGieFbtr3quch_WL6g20QxbQDUx2GHvVd_-FdOAXaO
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQ5MDAwNzA0MjExNTIzMDI1Mg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDMP39839uuB864UNz6YmtM&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDMP39839uuB864UNz6YmtM&google_cver=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 12 May 2023 23:41:13 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 23:41:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDMP39839uuB864UNz6YmtM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 0CDA
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEH6tNpnRJVMSeyZpFaWbftE&google_cver=1&google_push=ATf1kGNZVqa1Rljvwj2gH49_Kp5ivghJAKj7d2UjH0uZ2GTvsugxLyhy-_7RFttYKtvEKOSa7r2BOdSSPFr74VmxOUxcZDGqcCnKNMDk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 12 May 2023 23:41:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0CDA
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJi0FqMW3fmbZ69fh2YSX8U&google_cver=1&google_push=ATf1kGPcaF4LYCsbqsQeJVXQxBb_UVynIQL-rWaJ09MWZtRiZ1yWPWJX62--rNaNyFTb0tMUI1aXCKa9Y_SsPiVBuZkyHvvtn4TegCP2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 12 May 2023 23:41:13 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 0CDA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESED81sz6sV-Ewe7pIxsiiIzY&google_cver=1&google_push=ATf1kGP5Ft4DFX3p4IwqAB06T3MQbYtI86f2X0PS0HkPkMfSMzbZowrt2lXYinO-8Z31qNZWIh5uhdFCu_HS5xanHea5...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESED81sz6sV-Ewe7pIxsiiIzY&google_cver=1&google_push=ATf1kGP5Ft4DFX3p4IwqAB06T3MQbYtI86f2X0PS0HkPkMfSMzbZowrt2lXYinO-8Z31qNZWIh5uhdFCu_HS5x...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP5Ft4DFX3p4IwqAB06T3MQbYtI86f2X0PS0HkPkMfSMzbZowrt2lXYinO-8Z31qNZWIh5uhdFCu_HS5xanHea58yI3231vr2Dw&google_hm=UGdeJ-Z7TVO0RsL5m9g...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP5Ft4DFX3p4IwqAB06T3MQbYtI86f2X0PS0HkPkMfSMzbZowrt2lXYinO-8Z31qNZWIh5uhdFCu_HS5xanHea58yI3231vr2Dw&google_hm=UGdeJ-Z7TVO0RsL5m9gswQ==
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 23:41:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP5Ft4DFX3p4IwqAB06T3MQbYtI86f2X0PS0HkPkMfSMzbZowrt2lXYinO-8Z31qNZWIh5uhdFCu_HS5xanHea58yI3231vr2Dw&google_hm=UGdeJ-Z7TVO0RsL5m9gswQ==
date
Fri, 12 May 2023 23:41:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 0CDA
43 B
363 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEElTeCy-SejSf7PWoBgA72s&google_cver=1&google_push=ATf1kGPJeg5rbtCsNOYpnyUgxXRvuzCF_D60eCX_g9nEbs5msalGmAibAX3sghhDJu62U24e8duQD7F1M6Zg0yN3k1bkuHpXM_UoV7e7
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 23:41:13 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
235990
expires
Fri, 12 May 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0CDA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO8uToOuKnfLP1BBNlFBxac&google_cver=1&google_push=ATf1kGPqoOvFbhWHSqilRFrwUFNUNxtpxvwGiqHeJYcLWlFzf1usyS8WAJw_i8ZyZE40xjURgHOw7q3j...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEO8uToOuKnfLP1BBNlFBxac&google_cver=1&google_push=ATf1kGPqoOvFbhWHSqilRFrwUFNUNxtpxvwGiqHeJYcLWlFzf1usyS8WAJw_i8ZyZE40xjURgHO...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkxNTUyNjg0NTY2MjkzNjIzNQ&google_push=ATf1kGPqoOvFbhWHSqilRFrwUFNUNxtpxvwGiqHeJYcLWlFzf1usyS8WAJw_i8ZyZE40xjURgHOw7q...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkxNTUyNjg0NTY2MjkzNjIzNQ&google_push=ATf1kGPqoOvFbhWHSqilRFrwUFNUNxtpxvwGiqHeJYcLWlFzf1usyS8WAJw_i8ZyZE40xjURgHOw7q3j2mZLXBq3P7BTkyGHXV10HKUR
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 23:41:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 23:41:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkxNTUyNjg0NTY2MjkzNjIzNQ&google_push=ATf1kGPqoOvFbhWHSqilRFrwUFNUNxtpxvwGiqHeJYcLWlFzf1usyS8WAJw_i8ZyZE40xjURgHOw7q3j2mZLXBq3P7BTkyGHXV10HKUR
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0CDA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENs-t2TojXGFUHpDreUbgJo&google_cver=1&google_push=ATf1kGPQck_SZpfFi96QbqBh9UflyWtrUIsVdx7zVxcrCiX4s0rEegMskj_h72Rn-IEkEwD2QAW...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhMN0NHRTktOS04UDky&google_push=ATf1kGPQck_SZpfFi96QbqBh9UflyWtrUIsVdx7zVxcrCiX4s0rEegMskj_h72Rn-IEkEwD2QAW-YYYRoY-6_l9TJaJ1AbzOOsqz1YRX
170 B
329 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhMN0NHRTktOS04UDky&google_push=ATf1kGPQck_SZpfFi96QbqBh9UflyWtrUIsVdx7zVxcrCiX4s0rEegMskj_h72Rn-IEkEwD2QAW-YYYRoY-6_l9TJaJ1AbzOOsqz1YRX
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 23:41:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhMN0NHRTktOS04UDky&google_push=ATf1kGPQck_SZpfFi96QbqBh9UflyWtrUIsVdx7zVxcrCiX4s0rEegMskj_h72Rn-IEkEwD2QAW-YYYRoY-6_l9TJaJ1AbzOOsqz1YRX
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 0CDA
0
139 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J0Bw1e3PTKf5BolzLVfzXoFGxx2irmxMvH1YQqfU9cphf86QgSrqRimLkdGRsK-6jWpXPt
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:13 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6e5d2d1cedeca8457def33ed18612ad0499c93bc1253e17f4845b083e8765bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11214
x-xss-protection
0
08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
pagead2.googlesyndication.com/bg/ Frame 5F0B
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1683934871&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683934873083&bpp=1&bdt=1745&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De95b450ee16770a6-22b82b07a1df006d%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w&gpic=UID%3D00000bf9c3144b84%3AT%3D1683934872%3ART%3D1683934872%3AS%3DALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg&prev_fmts=0x0%2C1200x280&nras=3&correlator=851783795832&frm=20&pv=1&ga_vid=1104410562.1683934872&ga_sid=1683934873&ga_hid=748267028&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44773810%2C42531706%2C44788442%2C44792088&oid=2&pvsid=358274233090109&tmod=471723604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eMWJv8wfMB&p=https%3A//retakebr.com.br&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 06:25:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
62139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14732
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 06:25:34 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 May 2023 23:41:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A65A
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://retakebr.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
5247
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 22:13:47 GMT
expires
Sat, 11 May 2024 22:13:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E93A
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
da6d55ed86f8c780b571d327ad9ba46085356200e121afe5cc1ae583a8a0d3ac
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CfysLSt6YhYIhE-EB-ucSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retakebr.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-CfysLSt6YhYIhE-EB-ucSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 23:41:14 GMT
expires
Fri, 12 May 2023 23:41:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
pagead2.googlesyndication.com/bg/ Frame A65A
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 06:25:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
62140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14732
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 06:25:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E93A
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=358274233090109&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame A65A
0
11 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?KqU7EA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame F4FE
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsveAin7BcInFKZB6DYYn6iB2qAYHtBqCJ2CRm94yAZ8d5dscj-s2iNf2ICftv1rVSttUEVQ8O_L8aBKfTli-AmU-xGTJSC5H7JyecgvEuF10nGsUp7d63D_g_2VU4ZMFRo-kFt1oQ&sai=AMfl-YT-kBVW-SYWhnLATvrnUvoMVpp_xRM2tfxRZrnmi5YaW3CekSOfyR2YssThyJh4XeyJ7kL0nmITqg3e&sig=Cg0ArKJSzG4spy6gACwSEAE&cid=CAQSGwBygQiDdy-xrp5hbMbUwlAMPSho2jnhvVaL5RgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1213588912&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683934872523&rpt=847&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 23:41:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
document.0000001C79963E.js
c.bannerflow.net/accounts/babboe/60239d7c41a39e09dc00fe90/published/4487841/5646478/ Frame D03D
27 KB
5 KB
Script
General
Full URL
https://c.bannerflow.net/accounts/babboe/60239d7c41a39e09dc00fe90/published/4487841/5646478/document.0000001C79963E.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/643800339b4291437ab49825?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCDHMGmM5eZJPoIpeiywWkjZ2wB_jO74Vw46Ta28cR-uC_oNQBEAEgtITxVmCRhKCFjBigAZGV4vkDyAEJqQK4Sb-1M2eyPqgDAaoE5gFP0B--aVMMqsRQUjePNyfCnHFI9qQKKA1YwgTQ6CgWQTZgtNjvjoxNUvwhuA-MxKaaB48_enwbEZgEZ0XpoGrSNau5oVi0-cWE6KDbVH9PzKtManXSAo0fZJKZ9oIrwLKqAF7j1lMqkkz8pHgcTvARTfxEh98mH_Nw-dgHoVzVoKKFOlesZ6a73z19Rf7nw9Jo-DoATBan8lsW0C58-KucI8rMauKaeYFGGpd8i02Hdqx1ZQ0Fc_q0PnKEWJBgLsVFamaYLkc-5EWEUdFYV1YNeHFnhYCUrOXO7dl8HQXlVz7UFmos_sAElce06ZsEoAYRgAfX6p0GqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%26num%3D1%26cid%3DCAQSGwBygQiDGDOECjHh7ET4Cf9f-OJxCOjjC-PD1xgB%26sig%3DAOD64_2MWyW_H6-ZFhwq6NpFGQ33Lgh-Pw%26client%3Dca-pub-3637999307044405%26adurl%3D&cb=338831000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39fdb3a40899653861a6fa39352d8d201d0074837878b41404465398acaded59

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 May 2023 23:41:14 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
wg4VGGbkDgc8lpueUionwg==
age
1820332
cf-polished
origSize=30338
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Fri, 21 Apr 2023 13:11:31 GMT
server
cloudflare
etag
W/"0x8DB4269EC8FDF3D"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3acfeb0c-801e-006c-169c-7406b1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
7c6682e5af0e0eaf-AMS
animated-creative.f8c710f8cb6a3a2d21fc.js
c.bannerflow.net/scripts/ Frame D03D
155 KB
53 KB
Script
General
Full URL
https://c.bannerflow.net/scripts/animated-creative.f8c710f8cb6a3a2d21fc.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/643800339b4291437ab49825?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCDHMGmM5eZJPoIpeiywWkjZ2wB_jO74Vw46Ta28cR-uC_oNQBEAEgtITxVmCRhKCFjBigAZGV4vkDyAEJqQK4Sb-1M2eyPqgDAaoE5gFP0B--aVMMqsRQUjePNyfCnHFI9qQKKA1YwgTQ6CgWQTZgtNjvjoxNUvwhuA-MxKaaB48_enwbEZgEZ0XpoGrSNau5oVi0-cWE6KDbVH9PzKtManXSAo0fZJKZ9oIrwLKqAF7j1lMqkkz8pHgcTvARTfxEh98mH_Nw-dgHoVzVoKKFOlesZ6a73z19Rf7nw9Jo-DoATBan8lsW0C58-KucI8rMauKaeYFGGpd8i02Hdqx1ZQ0Fc_q0PnKEWJBgLsVFamaYLkc-5EWEUdFYV1YNeHFnhYCUrOXO7dl8HQXlVz7UFmos_sAElce06ZsEoAYRgAfX6p0GqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%26num%3D1%26cid%3DCAQSGwBygQiDGDOECjHh7ET4Cf9f-OJxCOjjC-PD1xgB%26sig%3DAOD64_2MWyW_H6-ZFhwq6NpFGQ33Lgh-Pw%26client%3Dca-pub-3637999307044405%26adurl%3D&cb=338831000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0488b95bf473ffa91949896ef83fdf83d122f93979592bf1e02b9010d8550282

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 May 2023 23:41:14 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
zooAA80MNrJckb/75RPgfQ==
age
2119122
cf-polished
origSize=159248
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Tue, 18 Apr 2023 10:59:30 GMT
server
cloudflare
etag
W/"0x8DB3FFBFC2B537F"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b187f425-501e-0022-24e5-712839000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
7c6682e5af110eaf-AMS
document.0000003D473778.js
c.bannerflow.net/accounts/babboe/60239d7c41a39e09dc00fe90/published/4563786/5652135/ Frame FBB7
22 KB
4 KB
Script
General
Full URL
https://c.bannerflow.net/accounts/babboe/60239d7c41a39e09dc00fe90/published/4563786/5652135/document.0000003D473778.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/643803389b4291437ab49883?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC9BvTmM5eZJLoIpeiywWkjZ2wB_jO74Vw07Da28cR-uC_oNQBEAEgtITxVmCRhKCFjBigAZGV4vkDyAEJqQK4Sb-1M2eyPqgDAaoE5gFP0Oj_opzBgySng7alZvV38F9Wh7Wwj0sktmdNDy6NcUIEZoTmu1kvtAOM_Zsf_xNGkjNgCUfhogmq01wwMJiTUkZAWRT9Bxrjo93-hecaRe_btsKkFmF2I64oLVb8S64i_ztqsmsk-D6fkgQVGObyOxfnU9CXrwS_ypzurqO7225fMVcaU8VC0_bBqjWVyw3a1FLCd5wXZs6qnDm5JRbK3YNJBCKPF5kwgQE-r-L3PaRRuaBqJA0iQXhON5HaKLN3EP7vkQUq1hvSnHzxq-RshZkzeNwU1KzdiGfhdG88ixwZyam8r8AElce06ZsEoAYRgAfX6p0GqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%26num%3D1%26cid%3DCAQSGwBygQiDGDOECjHh7ET4Cf9f-OJxCOjjC-PD1xgB%26sig%3DAOD64_05dL8Hu5dpgApcF4YXP23bFMX_tw%26client%3Dca-pub-3637999307044405%26adurl%3D&cb=913372724
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d79143ae7c0c46afcf702fd7b2fcd951346774a10c0c68ecda50c40f1896086

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 May 2023 23:41:14 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
/dmBrLpfOPTS3utUg/Jarg==
age
1614404
cf-polished
origSize=25210
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Mon, 24 Apr 2023 07:13:14 GMT
server
cloudflare
etag
W/"0x8DB44935E969184"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5eea9fb2-201e-0028-1b7c-768c8e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
7c6682e5bf1c0eaf-AMS
animated-creative.f8c710f8cb6a3a2d21fc.js
c.bannerflow.net/scripts/ Frame FBB7
155 KB
53 KB
Script
General
Full URL
https://c.bannerflow.net/scripts/animated-creative.f8c710f8cb6a3a2d21fc.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/643803389b4291437ab49883?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC9BvTmM5eZJLoIpeiywWkjZ2wB_jO74Vw07Da28cR-uC_oNQBEAEgtITxVmCRhKCFjBigAZGV4vkDyAEJqQK4Sb-1M2eyPqgDAaoE5gFP0Oj_opzBgySng7alZvV38F9Wh7Wwj0sktmdNDy6NcUIEZoTmu1kvtAOM_Zsf_xNGkjNgCUfhogmq01wwMJiTUkZAWRT9Bxrjo93-hecaRe_btsKkFmF2I64oLVb8S64i_ztqsmsk-D6fkgQVGObyOxfnU9CXrwS_ypzurqO7225fMVcaU8VC0_bBqjWVyw3a1FLCd5wXZs6qnDm5JRbK3YNJBCKPF5kwgQE-r-L3PaRRuaBqJA0iQXhON5HaKLN3EP7vkQUq1hvSnHzxq-RshZkzeNwU1KzdiGfhdG88ixwZyam8r8AElce06ZsEoAYRgAfX6p0GqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%26num%3D1%26cid%3DCAQSGwBygQiDGDOECjHh7ET4Cf9f-OJxCOjjC-PD1xgB%26sig%3DAOD64_05dL8Hu5dpgApcF4YXP23bFMX_tw%26client%3Dca-pub-3637999307044405%26adurl%3D&cb=913372724
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0488b95bf473ffa91949896ef83fdf83d122f93979592bf1e02b9010d8550282

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 May 2023 23:41:14 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
zooAA80MNrJckb/75RPgfQ==
age
2119122
cf-polished
origSize=159248
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Tue, 18 Apr 2023 10:59:30 GMT
server
cloudflare
etag
W/"0x8DB3FFBFC2B537F"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b187f425-501e-0022-24e5-712839000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
7c6682e5bf1d0eaf-AMS
activeview
pagead2.googlesyndication.com/pcs/ Frame 79F0
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssy6ElFt-1H5NTxcdMs59hA3TfyGD4Wm9LV4JAbQmI_CUwVrBJ_MW2qVtw959HouAfp24aZboITmBDYUa2LASzCsByxmHaOTk31M4nyXi1TupQSveQgP5ctJxPbdOvOtrUPhvfuJg&sai=AMfl-YTWljJgqLJjEn2AU-1g_IPFyoaYfoN6GnZFqz3Jggjfok0UEbLfLyWk8hLLaaHDuXnAgh-vwJLlIOhQ&sig=Cg0ArKJSzBfKqSb7lK4VEAE&cid=CAQSGwBygQiDGDOECjHh7ET4Cf9f-OJxCOjjC-PD1xgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=154,838,1000,1000,1000&tos=154,684,162,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683934873200&rpt=459&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 23:41:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame D03D
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/webp
199f1151-c028-4ce7-a9a6-5f8dd1ebe056
https://googleads.g.doubleclick.net/ Frame A472
668 B
0
Script
General
Full URL
blob:https://googleads.g.doubleclick.net/199f1151-c028-4ce7-a9a6-5f8dd1ebe056
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.f8c710f8cb6a3a2d21fc.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length
668
Content-Type
font
c.bannerflow.net/fs/api/v2/ Frame D03D
2 KB
3 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F60239d7c3be9807164906487%2F4b909dd0-d631-456f-a247-ad8c30a916e8.woff&t=%20%21LVdelnort
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f2d8d570414de78015429dcc2f674a7c350773d4abe1c5a1357b55901f7d5e

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:14 GMT
cf-cache-status
HIT
last-modified
Thu, 20 Apr 2023 22:05:41 GMT
server
cloudflare
age
1906533
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=4b909dd0-d631-456f-a247-ad8c30a916e8-subset.woff
cf-ray
7c6682e77f0bb8ae-AMS
expires
Fri, 19 Apr 2024 22:05:41 GMT
truncated
/ Frame FBB7
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/webp
966c2340-3f01-4c78-8d89-0da64922afd6
https://googleads.g.doubleclick.net/ Frame 0575
668 B
0
Script
General
Full URL
blob:https://googleads.g.doubleclick.net/966c2340-3f01-4c78-8d89-0da64922afd6
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.f8c710f8cb6a3a2d21fc.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length
668
Content-Type
activeview
pagead2.googlesyndication.com/pcs/ Frame FBB7
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIJ4gpBIDHkI-DJFhvT3d4U9geA4qWt_LexzKCvpWAa2zttKl8U4nle3GKzoti2oOl7J_FuRRsZ_8VV8x-pbtyjdGG54VXqdmNl0vFOUtx_cr662WBDH80q-RxaXjRYQiH1-Sksg&sai=AMfl-YSRvolE-sRFrfxrKcURjlLJOvPJ5tzkj55xkfnovC-9kVHzkcNx80N7sW2FeGmZlu5BD7W8fAGMoMPA&sig=Cg0ArKJSzLNR8qS3E0saEAE&cid=CAQSGwBygQiDGDOECjHh7ET4Cf9f-OJxCOjjC-PD1xgB&id=lidar2&mcvt=1048&p=0,0,600,160&mtos=1048,1048,1048,1048,1048&tos=1048,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683934873263&rpt=382&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 23:41:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D03D
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-w-1C8mKh9iHrjgc82mhv1AqtdR9HhU6XAWx-NJfRdblLHCX1QLGsSzr3DxUUAbfILPUMrH7zN5L8BojbqtNxTsL1SjduRdBMWpv2YIUmVG7ylam5V-i_p2kxpFE6Ym8rYrK6Ng&sai=AMfl-YR7eLJAOjy56BswSbHpu09QY1LbOiA0aH5dQZv7zLY10G0IGSteSwPzc1hXXr1WsxsMEMroEphRLWr8&sig=Cg0ArKJSzCzP7eyvymgTEAE&cid=CAQSGwBygQiDGDOECjHh7ET4Cf9f-OJxCOjjC-PD1xgB&id=lidar2&mcvt=1049&p=0,0,600,160&mtos=1049,1049,1049,1049,1049&tos=1049,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683934873277&rpt=363&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 23:41:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
font
c.bannerflow.net/fs/api/v2/ Frame FBB7
3 KB
3 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F60239d7c3be9807164906487%2F68e2e5cc-f95c-4350-b9d9-cd35d6e2d981.woff&t=%20%3Eabefiklnst
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45eb8d41157b8bf6e57deef8b605b8e6acee5721497233703f9797cc4d76d255

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:14 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Apr 2023 07:56:10 GMT
server
cloudflare
age
2562304
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=68e2e5cc-f95c-4350-b9d9-cd35d6e2d981-subset.woff
cf-ray
7c6682e78f1bb8ae-AMS
expires
Fri, 12 Apr 2024 07:56:10 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=358274233090109&bg=!PD-lP2vNAAYldGN0BXQ7ADkAdvg8WpZbNBV0x506oKaLhXpcPtobTUea91M8I6Mfl_RZzdQ8Wigdex4xf2eIIhlhb-wVO7-nZ9gCAAAAWFIAAAABaAEHCgBCGkr8PZ_auDPddUBOZEpIMIMSuF8SdIsI9IlJPZrR1-HmpZviDijKBVXiyPtjpqSN4iIeJeI_XKU6rKr40lGAcy7dmQKkGn8xxYsJEqtOV1sYtnh9lCLvhkYb_9Ptn3A7jG-s_pQtLBJROeusUDNSlWQrCURmObJMjdH_velVm2Z0rg29tF6syEtL3DyjL3uLrrqZK8T9xuM00hIypwoyNZvItUlEMXGUtnftOzYp02zTXxu6hS2X8lrR-gT9-Rn4vwXHXX7_5I3S7EsrQmQybmIZ53gTXck42NSbOh9X6hoKRykASauZxzimMJzhXKjuklfLbOzOFc01yk9oj8E1zlBKagxLzIShmXDz5scnXRaN18QJ9-p45lEft2CJXNyVwOdg1fAPS9twVEpnCJbzdnG-Vf6KnPD2Bd4lsULhJr2T4rXu_v471Rhw7gOB67i__GCKfVecPbS6Z9YWf9CxIr8_NHpZ-h8w4kDc_kM6FEdWtb5P6oPTAruCEohNFogCQ6vxpSa5Npq3uaSLvaoW3hOsfq7bmgbpYpjLbDQ0Jm-A8RM2qdU1CeFOg2bc5WRLLfEMpK8mhhsd1b4LNljhRm8ta1BFP_HoXikeFPqq9m4Mat31I73I3_JItXG8VxezaqNS_titaY6bCay4TdLHzdqlcI1MdRHvdx6n7vrqDfkTBCWXjHS7Xqg0669ohqH7Kk67OM1_sBynD0rSabfPcbOcRjUzFpOAG44N-B-5zpAOlozkSHKaA8dnNspgLHHWMz2j9gTFuJDGECVj3F8dvqEhFkE8V5vEkcznpE5qH5YALYHk8xqHUmhXJxRSKtG4RLcXXaSzXKn8qZWLfX38G3lAWV8twDueIXVgvVNTtrzG31VFgcBmVJ493qs8b0DKDiHP3e2hArDjjJ6GwgSVi3YNvO9g1iJQrUNXIRG0LuR0Tv-obKC-OIuKi4tnmNg6LoJY_d31pPDb90aJ2w37BXvODR-vtd2hoA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://retakebr.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

font
c.bannerflow.net/fs/api/v2/ Frame D03D
2 KB
2 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F60239d7c3be9807164906487%2Fd4c0e3ae-8266-4df9-ba25-b40d2620017f.woff&t=%20%3EBaceijkt
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e0894e408837df4fc619d324ce5065457357b0bc9ef98344276e6775162dec4

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:14 GMT
cf-cache-status
HIT
last-modified
Thu, 04 May 2023 13:23:06 GMT
server
cloudflare
age
728288
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=d4c0e3ae-8266-4df9-ba25-b40d2620017f-subset.woff
cf-ray
7c6682e7cf32b8ae-AMS
expires
Fri, 03 May 2024 13:23:06 GMT
font
c.bannerflow.net/fs/api/v2/ Frame FBB7
2 KB
2 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F60239d7c3be9807164906487%2F8cfef936-3341-4c5a-bf58-a872797b7a0e.woff&t=%20%2C-035Tot
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
100a2cc761359d47f4efd9fe8a87df9878d3601b56532ee02cfe1e231769639e

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:14 GMT
cf-cache-status
HIT
last-modified
Mon, 24 Apr 2023 07:15:02 GMT
server
cloudflare
age
1614372
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=8cfef936-3341-4c5a-bf58-a872797b7a0e-subset.woff
cf-ray
7c6682e7cf33b8ae-AMS
expires
Tue, 23 Apr 2024 07:15:02 GMT
font
c.bannerflow.net/fs/api/v2/ Frame D03D
2 KB
2 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F60239d7c3be9807164906487%2Ff350c87a-2eec-4fc1-a1ac-e97e141b55b2.woff&t=%20%2C-035Tot
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fca45286eb46563e48f8af8c225ff4ca8925942626a56d4b1de50a438e670624

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:14 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Apr 2023 22:01:12 GMT
server
cloudflare
age
1734002
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=f350c87a-2eec-4fc1-a1ac-e97e141b55b2-subset.woff
cf-ray
7c6682e7ff6db8ae-AMS
expires
Sun, 21 Apr 2024 22:01:12 GMT
font
c.bannerflow.net/fs/api/v2/ Frame FBB7
2 KB
2 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F60239d7c3be9807164906487%2F4b909dd0-d631-456f-a247-ad8c30a916e8.woff&t=%20%21LVdelnort
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f2d8d570414de78015429dcc2f674a7c350773d4abe1c5a1357b55901f7d5e

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:14 GMT
cf-cache-status
HIT
last-modified
Thu, 20 Apr 2023 22:05:41 GMT
server
cloudflare
age
1906533
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=4b909dd0-d631-456f-a247-ad8c30a916e8-subset.woff
cf-ray
7c6682e7ff70b8ae-AMS
expires
Fri, 19 Apr 2024 22:05:41 GMT
font
c.bannerflow.net/fs/api/v2/ Frame D03D
2 KB
2 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F60239d7c3be9807164906487%2Fbf1a1086-42fa-4f9d-a5b2-a08bca2c2995.woff&t=.ln
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e3a0cb000ce8066a28eeaa0ae6da2b0e3e4a953058c67572e98d321891d0c15

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:14 GMT
cf-cache-status
HIT
last-modified
Thu, 20 Apr 2023 07:50:05 GMT
server
cloudflare
age
1957869
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=bf1a1086-42fa-4f9d-a5b2-a08bca2c2995-subset.woff
cf-ray
7c6682e82f92b8ae-AMS
expires
Fri, 19 Apr 2024 07:50:05 GMT
font
c.bannerflow.net/fs/api/v2/ Frame FBB7
2 KB
2 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F60239d7c3be9807164906487%2Fa9052d01-b240-4198-908d-cc776a3e415d.woff&t=.ln
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51593a78cb7e167fa9afd336c013ad6b3872b6cc30174e79315c7d3734a5cbd5

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:14 GMT
cf-cache-status
HIT
last-modified
Thu, 20 Apr 2023 07:50:18 GMT
server
cloudflare
age
1957856
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=a9052d01-b240-4198-908d-cc776a3e415d-subset.woff
cf-ray
7c6682e83f9ab8ae-AMS
expires
Fri, 19 Apr 2024 07:50:18 GMT
optimize
c.bannerflow.net/io/api/image/ Frame F606
4 KB
4 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbabboe%2F60239d7c41a39e09dc00fe90%2Fimages%2F2f797f5f-d7f7-4877-b2bc-8c8045b6b226.jpg&w=157&h=154&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf49edc51f2846300865dcef42430408ac05b2cb2a1d5889d449d244ff8ecc6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:15 GMT
cf-cache-status
HIT
last-modified
Fri, 12 May 2023 06:57:43 GMT
api-supported-versions
2.0
server
cloudflare
age
60212
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7c6682e8b9380eaf-AMS
content-length
3936
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame F606
3 KB
4 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbabboe%2F60239d7c41a39e09dc00fe90%2Fimages%2F33100f1c-ed32-4d7e-92b6-523815e2e0de.jpg&w=198&h=197&q=85&f=webp&rt=cover&x1=0&y1=2&x2=800&y2=798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f9c1fe469de675e209b67a4990c81f2d471f676d017af6f52cc08a4d5d407af

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:15 GMT
cf-cache-status
HIT
last-modified
Fri, 12 May 2023 02:00:10 GMT
api-supported-versions
2.0
server
cloudflare
age
78065
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7c6682e8b93c0eaf-AMS
content-length
3424
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame F606
10 KB
10 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbabboe%2F60239d7c41a39e09dc00fe90%2Fimages%2Ff79e4bc2-aa00-44fb-a0e8-4bfd619419f2.png&w=180&h=165&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f3c4ae9f9fb15c6bb26cbe82d8e268e04cff95b1b48ba81dc2e40ab17349fc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:15 GMT
cf-cache-status
HIT
last-modified
Fri, 12 May 2023 07:10:13 GMT
api-supported-versions
2.0
server
cloudflare
age
59462
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7c6682e8b93d0eaf-AMS
content-length
10636
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame F606
9 KB
9 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbabboe%2F60239d7c41a39e09dc00fe90%2Fimages%2Ffee00b3d-1106-4566-ba03-1e1ef1e18071.png&w=178&h=183&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe465152b428ec407955b2c05c1df25758ca133c3eb3b7a65d71549602f6589

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:15 GMT
cf-cache-status
HIT
last-modified
Fri, 12 May 2023 02:00:10 GMT
api-supported-versions
2.0
server
cloudflare
age
78065
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7c6682e8b93e0eaf-AMS
content-length
9630
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
efdd2041-d82e-43f1-b4e5-1f89bbeeaa7b.svg
c.bannerflow.net/accounts/babboe/60239d7c41a39e09dc00fe90/images/ Frame F606
3 KB
1 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/babboe/60239d7c41a39e09dc00fe90/images/efdd2041-d82e-43f1-b4e5-1f89bbeeaa7b.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ea52d16de1ac66d40526359e1301794fca3f869662683ada1e4b28f55f87782

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 May 2023 23:41:15 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
O84dZIiZ1u88plYkKv6iew==
age
2956
x-ms-lease-status
unlocked
last-modified
Wed, 10 Feb 2021 09:06:22 GMT
server
cloudflare
etag
W/"0x8D8CDA322E62F1F"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b57d0cd0-501e-0022-5f7b-ee2839000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
7c6682e8b9410eaf-AMS
efdd2041-d82e-43f1-b4e5-1f89bbeeaa7b.svg
c.bannerflow.net/accounts/babboe/60239d7c41a39e09dc00fe90/images/ Frame 9A40
3 KB
1 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/babboe/60239d7c41a39e09dc00fe90/images/efdd2041-d82e-43f1-b4e5-1f89bbeeaa7b.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.f8c710f8cb6a3a2d21fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ea52d16de1ac66d40526359e1301794fca3f869662683ada1e4b28f55f87782

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 May 2023 23:41:15 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
O84dZIiZ1u88plYkKv6iew==
age
2956
x-ms-lease-status
unlocked
last-modified
Wed, 10 Feb 2021 09:06:22 GMT
server
cloudflare
etag
W/"0x8D8CDA322E62F1F"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b57d0cd0-501e-0022-5f7b-ee2839000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
7c6682e8d9530eaf-AMS
optimize
c.bannerflow.net/io/api/image/ Frame 9A40
75 KB
75 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbabboe%2F60239d7c41a39e09dc00fe90%2Fimages%2Fe589d396-cc04-4878-a7f4-adce36f8f7c8.jpg&w=661&h=1105&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40233db22a866f6af4cb64b16cdd13ba22c326dced146b8337c7b9595258b06d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:41:15 GMT
cf-cache-status
HIT
last-modified
Fri, 12 May 2023 01:05:24 GMT
api-supported-versions
2.0
server
cloudflare
age
81351
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7c6682e8d9570eaf-AMS
content-length
76782
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 boolean| credentialless undefined| $ function| jQuery function| gtag object| dataLayer object| FontAwesomeKitConfig object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

14 Cookies

Domain/Path Name / Value
.retakebr.com.br/ Name: _ga_DY10Q8W48M
Value: GS1.1.1683934872.1.0.1683934872.60.0.0
.retakebr.com.br/ Name: _ga
Value: GA1.1.1104410562.1683934872
.retakebr.com.br/ Name: __gads
Value: ID=e95b450ee16770a6-22b82b07a1df006d:T=1683934872:RT=1683934872:S=ALNI_MZv2Z-TIul2DaG2VGjz4753A5j86w
.retakebr.com.br/ Name: __gpi
Value: UID=00000bf9c3144b84:T=1683934872:RT=1683934872:S=ALNI_MbGbEepjlI8glUZ_ek9A2EKPJgpSg
.doubleclick.net/ Name: IDE
Value: AHWqTUlD6-LEX4lXY_roKKrnDBCy8SO184RpFeWG3C5B5NgGUO0CCRmXe45KRGzx0WI
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: DSID
Value: NO_DATA
.bidswitch.net/ Name: tuuid
Value: 50675e27-e67b-4d53-b446-c2f99bd82cc1
.bidswitch.net/ Name: c
Value: 1683934873
.bidswitch.net/ Name: tuuid_lu
Value: 1683934873
.bidswitch.net/ Name: google_push
Value: ATf1kGP5Ft4DFX3p4IwqAB06T3MQbYtI86f2X0PS0HkPkMfSMzbZowrt2lXYinO-8Z31qNZWIh5uhdFCu_HS5xanHea58yI3231vr2Dw
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8915526845662936235
.turn.com/ Name: uid
Value: 4490007042115230252

2 Console Messages

Source Level URL
Text
network error URL: https://mts0.google.com/vt/data=D3LaKX6QiswYoPiisZ_Nl3mt4ZitJmUocE2YuEjcGMvtoxI86hD5UvqqDPEJfq9CGX0E93NE-_tFSZnHpGskTg
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-3637999307044405&fa=1&ifi=9&uci=a!9&btvi=4&xpc=2lay8pHzMX&p=https%3A//retakebr.com.br
Message:
The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
adservice.google.com
adservice.google.nl
c.bannerflow.net
c1.adform.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ka-f.fontawesome.com
kit.fontawesome.com
match.adsrvr.org
mts0.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
r.turn.com
region1.analytics.google.com
retakebr.com.br
skinsgratiscsgo.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.185.162
15.197.193.217
178.250.7.11
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2606:4700:3037::ac43:8bc3
2606:4700::6811:190e
2606:4700::6812:1634
2606:4700::6812:ae65
2606:4700:e0::ac40:640a
2a00:1450:4001:800::2008
2a00:1450:4001:802::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::200e
2a00:1450:400c:c09::9c
2a06:98c1:3121::3
3.66.102.95
37.157.3.30
69.173.144.138
98.98.134.241
00d95d227b9bd0dd83e85e3d500df081df39b06ede70693bf1d6947b00f510a4
01a8c0a72b01c4958f09c4ad2b34aa6f878ff6d3438c1c900d464eab294aecab
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
03e98968d5cc94c226ba43f137a1608b4eca5bd13261d0268541027adc471a29
0488b95bf473ffa91949896ef83fdf83d122f93979592bf1e02b9010d8550282
05d34e3820421019e1d3b4ad2ba7d03f0a0a74f94664f4393cc07730c8f7abbb
062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4
07545caaf9707de642e908cbfe3197e4ccfe99b88162aa3913c7e85f59191de2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e447e19629ac67b14836fa86c5e0819a3f5484112ffc75211602e063032a875
100a2cc761359d47f4efd9fe8a87df9878d3601b56532ee02cfe1e231769639e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1bd0eba4698c0e213cad95edd592bcad5bdef4518e2a3384e1c1540af00f7c71
1d79143ae7c0c46afcf702fd7b2fcd951346774a10c0c68ecda50c40f1896086
1e0894e408837df4fc619d324ce5065457357b0bc9ef98344276e6775162dec4
1e3c90f680934dbc839cb5833ef8d9c564b9b8fede36556aa9ff5763e68638bc
1f9c1fe469de675e209b67a4990c81f2d471f676d017af6f52cc08a4d5d407af
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
271a49663426fc5110b4d5c0f396dbc4988e082ca598f7f5e08d5887ba2f310b
2bf77546bc9628aa693ac5ea212bf8b326821fe39959d50bda9f9d045f5e5c6c
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2df9f992edf7d3f27925721d4a1a36948fff0ae353161cd6dc2bf1c36c9b091f
2f3627ec514d1bb95155f45526860b90fe4ff34264d839baf0d70f9ffdc0efbe
2f3ce90ce1710b43bd91de6ab00f1055700bcdd00970876f63f5235d6e4635f1
308153511f076016aefcf5f60d1b84ffac9e377f19af236e00914f1ced4a5f9e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32afa04027dddbad973f85fde896b2f0862dafc7419da5079fba45c1b0cdd51f
39fdb3a40899653861a6fa39352d8d201d0074837878b41404465398acaded59
3ea52d16de1ac66d40526359e1301794fca3f869662683ada1e4b28f55f87782
40233db22a866f6af4cb64b16cdd13ba22c326dced146b8337c7b9595258b06d
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
43876c523ee036ff6d78a4b8dd69f8be38b6d1d73347d55f0bb2d6453b1b7489
4478b0cc063a5f2d2a75a157441109535f517fbaadf2040b80899eb3b3e9c697
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
45eb8d41157b8bf6e57deef8b605b8e6acee5721497233703f9797cc4d76d255
4611db068092557973310773d1748cf6054961d7a28bb6da21cdc5d04e374648
483726921f3750500b585e5aa13db1ec1a46147ad86d06fbc6b2350eb72b3703
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b
4c7fe9f4b7e2cbaeadf56a93f537dfe760444ddbc081a7d12aa5c97c98cafce9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
4f0fefab783abd19bc1b6c4f9dedd620764d243d141165603c77bb5152c231c0
51593a78cb7e167fa9afd336c013ad6b3872b6cc30174e79315c7d3734a5cbd5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5bf473dd0c202f9f1357694a4685cbc621506354626c284f860d53eef926cf03
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e3a0cb000ce8066a28eeaa0ae6da2b0e3e4a953058c67572e98d321891d0c15
5fcc2befcec256bcdd3d1eeabca1b401002665ddb249e467cbd7fbcc0eaa4bfe
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
634acfefc5f8af60b35586b05a9cf560363ae18156ca3c5824c6d7472a93168e
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55
6de242265cf0c8ac812427bcfafd48416f1deebf9164d4185be216b6d3081cea
71f45fa39b9e00c82913d3a7a044af7536baba93519cc84ccfd346c4895cb2f1
7359b7a9e1c457a32c5d58a0e5edcccb4dd192218baca38074c455cd09c30046
73a395827e72e48e26d67a368e77f5e7a0ae6cb23fe90baecb93eb6c20c1de0f
756de73dc6eb6c5c7f71a906ddc4e66109aed9d56312c92c18a880ce0fe7e86a
76a9c3c6bc51fb4004ea871ff82d9c580035af30537c024b1cef2070ae46c54f
7771bb12fdb57bad3f41eeffd998be3f97e09e4acc8f5f635dd1a21ec159e819
852966d29668dd7be3e4ea6786c9cb4247541772c0fa4c247b42476fdcee41de
896cc33d660e698e660a9f859df0cd73cfb694eddda138a61c8210b8d1b4be56
8d1723de4a245b584a7c3c0e71ee239a70d998877a8ede5ba67eaea2613495cd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fe465152b428ec407955b2c05c1df25758ca133c3eb3b7a65d71549602f6589
90d7576832821a0cf5e65e08e3a6929066acbb9acbdec4738dec82ee3d6982eb
93204fae6916fd3e7ab1a4b36606974a88fc4b20b4a6d98feab94cc6ef3aa765
9499d1601bfc2e5f5b153012cdede0d5454f1c58c931b94cb6ffd706455bd7ca
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a0e4beb7b9fd615db9ece2f4ef434554ff39b506670bf7437200ccb11ea576a
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a2558724cd2a802cbd32bc25f6546db6c02190e62d599117a56ec3756af6736d
a2c6f2f2a1c52ce023f0413c31d546e0cac1132c7bd622469251e3819b9561d4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7158b0ea4f182e9658f45c37ecc1da902babf9afa0a3f92f933ea2838e44694
a7f2d8d570414de78015429dcc2f674a7c350773d4abe1c5a1357b55901f7d5e
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b1f3c4ae9f9fb15c6bb26cbe82d8e268e04cff95b1b48ba81dc2e40ab17349fc
b5a035e87e279f5e5c2ab1c68a8175652f35bc9e43060f17bed7647677e7a38f
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b892e5365731fa49bd6601be4692de7336e7d0013ab6111ef961a11620cfe74f
b944d9cb4994adb53037b8db6236c81f01cf625887764529fd46a36d8b72d6e9
baa2ec62db4c150dc99ee168d5640dc8e33ffe470a1774c0950a386a44264105
bb626d44b2d3d3176c26616eaca12cbc52e9cfe88b708d90a08b9e66f5f8630a
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c10d63d7b41288794e705ce2cdb67caccbd96fe9ecd46c33aa47698be28a227e
c3a699fca36b592acab0015147688e1c8ebb3bc894d9361330b496753b276df8
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c741990e3c9401fa2423c96a4e0cb0918b9c95d79a4e540a918d53cd6c55a8c0
ccf49edc51f2846300865dcef42430408ac05b2cb2a1d5889d449d244ff8ecc6
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
ce58110c734d66db9e2368c2b84011e2c65f324bec1fb0e3476c3c071d488e5b
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
d6e5d2d1cedeca8457def33ed18612ad0499c93bc1253e17f4845b083e8765bb
d7a6484d1d091d289e949e33fd65472c22e145f2420dc3f6a003810d1c0412b1
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
da6d55ed86f8c780b571d327ad9ba46085356200e121afe5cc1ae583a8a0d3ac
daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dcea90dfd1c1d7d57e77b5317974a45b1856500e8d786e4b847298fd59ca1024
de698f771f908f6249a14b16e6c5e46c7bb7fd7477be0d48253a6c27481eb7e6
de6a280187f35a8ed90567418aafe24eeae8e60a3a83ea0a7e18f7c4e168529f
de6b6cb1a984b0e3418ec8185b8ad7df7c97ea54897f2061da48e9e972f5562d
e26deb1646dfeff6b935aa3c58780ff531ba18ed373b5924bc8bac5acc096961
e395d416dfd0a2a8b5972609a622bf49d76fbd1b2e4c86277dd5068fe2fffbd9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eba13b7c4c968c8dadceece567382a3e6c9acaf68d961d0f90ab5f31347534e4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fbe329e68d02bf400d47f86bb2728739171c2aec4abcba995d7467f0f62cf8ec
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fca45286eb46563e48f8af8c225ff4ca8925942626a56d4b1de50a438e670624
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4