www.mtabrasil.com.br Open in urlscan Pro
2a00:1450:4001:810::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://site.mtabrasil.com.br/
Effective URL:
https://www.mtabrasil.com.br/
Submission: On October 17 via api (October 17th 2023, 12:52:52 pm UTC) from US — Scanned from DE

Summary HTTP 125 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 20 domains to perform 125 HTTP transactions. The main IP is 2a00:1450:4001:810::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.mtabrasil.com.br.
TLS certificate: Issued by GTS CA 1D4 on August 26th 2023. Valid for: 3 months.

This is the only time www.mtabrasil.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.241.62.110 162.241.62.110	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
10	2a00:1450:400... 2a00:1450:4001:810::2013	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1 1	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 3	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1 2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
125	27

1 162.241.62.110 (United States) 1 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 162-241-62-110.unifiedlayer.com

site.mtabrasil.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.mtabrasil.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
draft.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1080:1 (Germany) 1 redirects

ASN200325 (BUNNYCDN, SI)

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	367 KB
23	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 10845 2.bp.blogspot.com — Cisco Umbrella Rank: 13973 3.bp.blogspot.com — Cisco Umbrella Rank: 13237 4.bp.blogspot.com — Cisco Umbrella Rank: 13318	96 KB
12	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	117 KB
11	mtabrasil.com.br 1 redirects site.mtabrasil.com.br www.mtabrasil.com.br	58 KB
10	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 11857	741 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	104 KB
8	criteo.net static.criteo.net — Cisco Umbrella Rank: 728 csm.eu.criteo.net — Cisco Umbrella Rank: 9249	12 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405 fonts.googleapis.com — Cisco Umbrella Rank: 49	35 KB
4	blogger.com www.blogger.com — Cisco Umbrella Rank: 9861 draft.blogger.com — Cisco Umbrella Rank: 72567	165 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	21 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9209 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15658 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10275	57 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	864 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	177 KB
2	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 116	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	89 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1183	77 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	81 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	607 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	2 KB
1	rawgit.com 1 redirects cdn.rawgit.com — Cisco Umbrella Rank: 12874	722 B
125	20

	Domain	Requested by
15	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.mtabrasil.com.br
10	blogger.googleusercontent.com	www.mtabrasil.com.br
10	pagead2.googlesyndication.com	www.mtabrasil.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	www.mtabrasil.com.br	www.mtabrasil.com.br cdn.rawgit.com www.blogger.com
9	1.bp.blogspot.com	www.mtabrasil.com.br
7	static.criteo.net	ads.eu.criteo.com
7	2.bp.blogspot.com	www.mtabrasil.com.br
6	www.gstatic.com	googleads.g.doubleclick.net
5	4.bp.blogspot.com	www.mtabrasil.com.br
4	fonts.googleapis.com	www.mtabrasil.com.br googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	1 redirects connect.facebook.net
2	www.google-analytics.com	www.mtabrasil.com.br www.google-analytics.com
2	connect.facebook.net	www.mtabrasil.com.br connect.facebook.net
2	draft.blogger.com	www.mtabrasil.com.br
2	maxcdn.bootstrapcdn.com	www.mtabrasil.com.br maxcdn.bootstrapcdn.com
2	3.bp.blogspot.com	www.mtabrasil.com.br
2	www.blogger.com	www.mtabrasil.com.br
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.jsdelivr.net	www.mtabrasil.com.br
1	cdn.rawgit.com	1 redirects
1	ajax.googleapis.com	www.mtabrasil.com.br
1	site.mtabrasil.com.br	1 redirects
125	32

This site contains links to these domains. Also see Links.

Domain
site.mtabrasil.com.br
community.multitheftauto.com
forum.mtasa.com
mtasa.com
www.arlinadzgn.com
www.blogger.com
www.facebook.com
twitter.com
plus.google.com
feeds.feedburner.com

Subject Issuer	Validity	Valid
www.mtabrasil.com.br GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-26` - `2023-10-24`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.mtabrasil.com.br/
Frame ID: 98D05C69CC4E1ED943F9F9D583BFDAA9
Requests: 67 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: D8C76121C010EC7249AFA360AE7122D2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4323052034044684&output=html&adk=1812271804&adf=3025194257&lmt=1697526940&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fwww.mtabrasil.com.br%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697547165802&bpp=4&bdt=320&idt=232&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7813737685194&frm=20&pv=2&ga_vid=1952640464.1697547166&ga_sid=1697547166&ga_hid=1716827345&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44805112%2C44805681%2C44803791&oid=2&pvsid=52908468450986&tmod=1130850509&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=257
Frame ID: 72C92E61328D86DCED99D97514DD2DD9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4323052034044684&output=html&h=280&slotname=4566626139&adk=1521581065&adf=3406112085&pi=t.ma~as.4566626139&w=1030&fwrn=4&fwrnh=100&lmt=1697526940&rafmt=1&format=1030x280&url=https%3A%2F%2Fwww.mtabrasil.com.br%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697547165806&bpp=2&bdt=324&idt=267&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7813737685194&frm=20&pv=1&ga_vid=1952640464.1697547166&ga_sid=1697547166&ga_hid=1716827345&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44805112%2C44805681%2C44803791&oid=2&pvsid=52908468450986&tmod=1130850509&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NoDfLKX28e&p=https%3A//www.mtabrasil.com.br&dtd=273
Frame ID: 29D01EFC007184072B03001B3D530AD3
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0356A1E3321931665D48534F63D41D16
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4323052034044684&output=html&h=250&slotname=2978814935&adk=3639742176&adf=4055455487&pi=t.ma~as.2978814935&w=315&fwrn=4&fwrnh=100&lmt=1697526940&rafmt=1&format=315x250&url=https%3A%2F%2Fwww.mtabrasil.com.br%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697547166788&bpp=9&bdt=1306&idt=9&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da8c3a752e23ceac8-22db5afc9ae400ab%3AT%3D1697547166%3ART%3D1697547166%3AS%3DALNI_Mbmqs3rgQNlV1DBYVz78PifwmduIA&gpic=UID%3D00000d9a5e094630%3AT%3D1697547166%3ART%3D1697547166%3AS%3DALNI_MaxAlCm1TrKfD7n5DqOgbSh6uilqw&prev_fmts=0x0%2C1030x280&nras=1&correlator=7813737685194&frm=20&pv=1&ga_vid=1952640464.1697547166&ga_sid=1697547166&ga_hid=1716827345&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=965&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44805112%2C44805681%2C44803791&oid=2&pvsid=52908468450986&tmod=1130850509&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hQL3eQhFL1&p=https%3A//www.mtabrasil.com.br&dtd=12
Frame ID: 3F0965599936B7C6F57B5556720A2148
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1E80562B36A2317530A7C27602227E61
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9B51623F98C3A6F54AC36F330E3681E0
Requests: 6 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS6DngACZhQKZOxHAAne9LtcxG9niQHNfQxu5A&u=%7CH3ZczWWiwdp0r01SFUCC08aeGimkcOVIhgZFK8bsS20%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wflJwflICTGAuRLQg6lPZPNJTH__2R5IR7Xals79ZUJ6D4tNNDpLFQf3z90uqjdMb-DF_KOcWWhXRdyZccG4-KD8ULrDwsJ2XBg4bY4W0T6yL8PTFtcHsgCFf1MW8TFaZPG96ZqgnU-SJzssQRraazdz1-uid8AmBo0jTAiZhhurIWNVEPefH9FXBpzPkywg-CfGabzYRp6uDERs3pnJLWqKicrPhT7_2SpQPNld2WBO85Hh4_AotNfpLUHaqWkVP_hizdUSI9TADpoGbxv28NCVaCyFYZm4FN6hVLha1urNlW1m3ZWTpUDVzU0i1dV-_0cz-y7OrOBY5q0oGxWc8EUjTctnJ-yhoytIEE4PcEcLgl0QqMb8tpDXnq4WNDXNEqO5g4umAY0JcNOXtnl2aVBfqSJHWGAJ97E4-oemYUWftlA7VMFL4HlD6DW3M8zfDVvbTyJs78Q06jvhUZX6ciPkgBF5M1Kw_OoyahGeSF3t_6elv5x-g7S0-bUFaD6s2QYsKKLHYzCHOT_uvFon6j4GoHyg-yzD_wX-LE5L584cHrlFSj3y9Vb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVwV1noMuZZTMCcfYkwP0vafQDsme0rFcvfGU93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNDMyMzA1MjAzNDA0NDY4NMgBCakCrw-u59axsT6oAwHIAwKqBIUCT9A4ya90DptYS-F_Ugg-w3qzRTC1cO2Ej9F30Ot9FIoWd0sZlyTLmnarTGYCGFgZnlqjStSw3f294V99G1xT4SO9McQRBdIjhpY9XZ6zv1WO6QGrYlUjv1UgBk9aKlpfxWI7d9kNRCURCvf51X5ncvpmtd8pcqthCvLxpZPu_s8qr5EPdnNYgmn0JYYqTUVdWo2a5FCRm6LmW6zcflEWIrds7yxTJS0g0ySNhjA4W_oGomjfqDOu5MEwQdft-E5n9E2ccCI2ATfQiFM1Ui_ru3qtTqHuxKoFvBbqFHalpkt_Vo8Wpit5k-7a5EYa_C3XuFWno0PGiSxOHpFwvzveENiBUgw1gAaU4vC72MW79JUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09-Qj_ydv4E8QQq3FqVwjEXHcB7g%26client%3Dca-pub-4323052034044684%26adurl%3D
Frame ID: 08BC7EA8C91036EA87B884EC4746D55B
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400
Frame ID: 1CA5A83B8A600F724A33275BE3B74E66
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2A0CDEDB45E411083B8A7495D83AB408
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
Frame ID: BAD8D76109D990D3694D9878C11147CD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
Frame ID: 318998ED8121D558A84E5702837F5EE2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1799676210281509%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df171cc6f5d9855c%2526domain%253Dwww.mtabrasil.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.mtabrasil.com.br%25252Ff13b0ff0bbddf%2526relation%253Dparent.parent%26container_width%3D275%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmtabrasil%252F%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26width%3D325
Frame ID: 885AAEC9CC18F2BEAA2D8DDF9A09BA43
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E4527F48017110AEC1124451FBFDE9F7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6D57B6974EF27205F7E46B1FBD5516C5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MTA Brasil

Page URL History Show full URLs

http://site.mtabrasil.com.br/ HTTP 302
https://www.mtabrasil.com.br/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

125
Requests

98 %
HTTPS

93 %
IPv6

20
Domains

32
Subdomains

27
IPs

3
Countries

2198 kB
Transfer

4382 kB
Size

8
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://site.mtabrasil.com.br/musicas
Title: Músicas

Search URL Search Domain Scan URL

URL: https://site.mtabrasil.com.br/publicacoes/
Title: Enviar Mod

Search URL Search Domain Scan URL

URL: https://site.mtabrasil.com.br/loja
Title: Loja

Search URL Search Domain Scan URL

URL: https://community.multitheftauto.com/
Title: Comunidade

Search URL Search Domain Scan URL

URL: https://forum.mtasa.com/forum/97-portuguese-portugu%C3%AAs/
Title: Fórum

Search URL Search Domain Scan URL

URL: https://mtasa.com/download
Title: Download MTA

Search URL Search Domain Scan URL

URL: https://site.mtabrasil.com.br/divulgacao
Title: DIVULGAÇÃO DE SERVIDORES

Search URL Search Domain Scan URL

URL: http://www.arlinadzgn.com/
Title: Arlina Design

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.facebook.com/arlinadesign

Search URL Search Domain Scan URL

URL: https://twitter.com/ArlinaDesign

Search URL Search Domain Scan URL

URL: https://plus.google.com/+AmeliaPutri90

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/GanbatteYo

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://site.mtabrasil.com.br/ HTTP 302
https://www.mtabrasil.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://cdn.rawgit.com/Arlina-Design/redvision/master/unlipage.js HTTP 301
https://cdn.jsdelivr.net/gh/Arlina-Design/redvision@master/unlipage.js

Request Chain 72

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 98

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 102

https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=1799676210281509&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df171cc6f5d9855c%26domain%3Dwww.mtabrasil.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mtabrasil.com.br%252Ff13b0ff0bbddf%26relation%3Dparent.parent&container_width=275&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fmtabrasil%2F&locale=pt_BR&sdk=joey&show_facepile=false&small_header=false&width=325 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1799676210281509%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df171cc6f5d9855c%2526domain%253Dwww.mtabrasil.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.mtabrasil.com.br%25252Ff13b0ff0bbddf%2526relation%253Dparent.parent%26container_width%3D275%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmtabrasil%252F%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26width%3D325

125 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.mtabrasil.com.br/
Redirect Chain

http://site.mtabrasil.com.br/
https://www.mtabrasil.com.br/

145 KB
39 KB

1188ms
840ms

Document
text/html

2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2ad0b92282eab346890b7b89c37f89d03a83e6aee893804dea8ddd6a1d7fccc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 39591
content-type: text/html; charset=UTF-8
date: Tue, 17 Oct 2023 12:52:45 GMT
etag: W/"a2bf9284d6de69184937777b20e27f00905c7eb0ece7db788bf2453b67d140b4"
expires: Tue, 17 Oct 2023 12:52:45 GMT
last-modified: Tue, 17 Oct 2023 09:15:40 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 213
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 17 Oct 2023 12:52:44 GMT
Keep-Alive: timeout=5, max=75
Location: https://www.mtabrasil.com.br/
Server: Apache

GET
H2 200 55013136-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 30 KB
7 KB 79ms
19ms Stylesheet
text/css 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 07:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453062
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6620
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 14:54:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 11 Oct 2024 07:01:43 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 84 KB
30 KB 65ms
20ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 09:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30211
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Oct 2024 09:56:23 GMT

GET
H2 200 logo_mta_brasil.png
1.bp.blogspot.com/-g0jFrJBlGHk/Xheou40AvHI/AAAAAAAAe1Y/i258us2BhWEm6_d8hGB5-9tMuEFUnYITwCK4BGAYYCw/s1600/ 8 KB
8 KB 88ms
30ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-g0jFrJBlGHk/Xheou40AvHI/AAAAAAAAe1Y/i258us2BhWEm6_d8hGB5-9tMuEFUnYITwCK4BGAYYCw/s1600/logo_mta_brasil.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8100421c32c27bab3d63b0d682129c5ea42a70290df1fd58053b0683f39f11f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="logo_mta_brasil.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7817
x-xss-protection: 0
server: fife
etag: "v7b57"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Oct 2023 12:52:45 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 137ms
74ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4323052034044684

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e68b13f30134c0a1816aece2d8ef37dc325f1b282798d56fad07b4a1fa68badc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mtabrasil.com.br/
Origin: https://www.mtabrasil.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51458
x-xss-protection: 0
server: cafe
etag: 11648211868532487286
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 12:52:45 GMT

GET
H2 200 AVvXsEjT--3ZbWcSe4YFI8QPOiKjPeCOaRO5d1Ba3zH8SjLQpU6FBPrkfjzwWHWJdCSqYZZNqR-Bk7glpFZNl5rk5hjaP-2Pzdj2YAvN-M1baH8mIAMi7XB77-jc1bWkad7x1Z9tqWs-ualygcj3xlpVGYxEyZ0EapT-Xh0i-M0XCupcE9KqBdO0rP0Hq5K7aEzn=...
blogger.googleusercontent.com/img/a/ 68 KB
68 KB 1049ms
994ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEjT--3ZbWcSe4YFI8QPOiKjPeCOaRO5d1Ba3zH8SjLQpU6FBPrkfjzwWHWJdCSqYZZNqR-Bk7glpFZNl5rk5hjaP-2Pzdj2YAvN-M1baH8mIAMi7XB77-jc1bWkad7x1Z9tqWs-ualygcj3xlpVGYxEyZ0EapT-Xh0i-M0XCupcE9KqBdO0rP0Hq5K7aEzn=s320

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8eb4de8ac91cae851b1f6dfef8142eb32e6574489dd2ad3bb905aa7d2d7623c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v372de"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="clima_realista_com_horario_real-726477.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69903
x-xss-protection: 0
expires: Wed, 18 Oct 2023 12:52:46 GMT

GET
H2 200 AVvXsEhXHP8bym65dyEdWXm-B7qNVoN4Ary0B0gOMOdsUgUpXk25m8vE-5bdx4FzJPU2honw8Tb_riaUIVHMvj2SYjIChZl2gm-RTGmJA65JcWcalkvZRjTr6p6fyQQsaqjHnPmhmUi3a05aWh7ArzwD1A73ef6FCTjNUGIQTVt97xXTdCBvYsVh_r3fNP1YWjFw=...
blogger.googleusercontent.com/img/a/ 61 KB
62 KB 655ms
654ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEhXHP8bym65dyEdWXm-B7qNVoN4Ary0B0gOMOdsUgUpXk25m8vE-5bdx4FzJPU2honw8Tb_riaUIVHMvj2SYjIChZl2gm-RTGmJA65JcWcalkvZRjTr6p6fyQQsaqjHnPmhmUi3a05aWh7ArzwD1A73ef6FCTjNUGIQTVt97xXTdCBvYsVh_r3fNP1YWjFw=s320

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

edaf715d402ba163c3e0a6a67db6f9ea2fe68c9a553f47d4a7374e4f879efc4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v372db"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="skin_de_seguranca-724656.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62882
x-xss-protection: 0
expires: Wed, 18 Oct 2023 12:52:46 GMT

GET
H2 200 AVvXsEje-9InFcUeIPZ9vuN5Edf3OuDoYcp2fv4ayweJqEkFxEu9l9Dx_ZhkskwgPYWc3UaqRwZprzIQvWapX0RJVy1jcrxrvsnO2HgT7MR-wBEKK_2KgPQnozusCsupfBYYqqO1-8ZFxR-CvVNdR0ep-t18Tkyn8UfqiXowpMjzy_uRx2Ry4mH8F-S_yZUB7_Rr=...
blogger.googleusercontent.com/img/a/ 96 KB
96 KB 933ms
918ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEje-9InFcUeIPZ9vuN5Edf3OuDoYcp2fv4ayweJqEkFxEu9l9Dx_ZhkskwgPYWc3UaqRwZprzIQvWapX0RJVy1jcrxrvsnO2HgT7MR-wBEKK_2KgPQnozusCsupfBYYqqO1-8ZFxR-CvVNdR0ep-t18Tkyn8UfqiXowpMjzy_uRx2Ry4mH8F-S_yZUB7_Rr=s320

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d23a991b8912a21ae017638dbab76d3134ef36dcfd7e89d5dbbe02f1212f7cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v372d8"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mostrar_rato_bind_personalizavel-728056.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98159
x-xss-protection: 0
expires: Wed, 18 Oct 2023 12:52:46 GMT

GET
H2 200 AVvXsEiMuAe2FjVisizF1R9Pp7uGf-sFX59W7r-8C_xUSWWFwGPpSMjMnnweRJI_b_cNoJ-_HT6MlwoaUh12gf8i_Wom6-5kLa-AIAB7puw2HCeN0y5yO5x-hRj9dS8DG5Maw5FVk5GDEEwtfC2mA80o0MkhZD2nV6hYt7uQqlVWCc00VUUHg7v7JiaGvb5Nwc0j=...
blogger.googleusercontent.com/img/a/ 81 KB
81 KB 587ms
572ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEiMuAe2FjVisizF1R9Pp7uGf-sFX59W7r-8C_xUSWWFwGPpSMjMnnweRJI_b_cNoJ-_HT6MlwoaUh12gf8i_Wom6-5kLa-AIAB7puw2HCeN0y5yO5x-hRj9dS8DG5Maw5FVk5GDEEwtfC2mA80o0MkhZD2nV6hYt7uQqlVWCc00VUUHg7v7JiaGvb5Nwc0j=s320

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

383f07635b9d39d70494b678d3af59a29609c0da2b21a916ea2b2e897815e5ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v372d5"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="spawn_de_policia-774326.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82975
x-xss-protection: 0
expires: Wed, 18 Oct 2023 12:52:46 GMT

GET
H2 200 AVvXsEjoi--_zzfNBD8umB-6cGfhsmdPrmyQpRZNgxx_zEoTM7CSGAqs34EkZzO-tgDsuxCEtPDNm0-dthYyZBaDXlxgzhZHCsY6YCcalk1hIY-kaHFZfN79Uo_meyXecDE4JrRI4DHaHZ5j2IBjE9FHP0ByMo00klPMW_d_cONfGKdLVL5HPDtDzjtdAYFmCF4A=...
blogger.googleusercontent.com/img/a/ 106 KB
106 KB 656ms
641ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEjoi--_zzfNBD8umB-6cGfhsmdPrmyQpRZNgxx_zEoTM7CSGAqs34EkZzO-tgDsuxCEtPDNm0-dthYyZBaDXlxgzhZHCsY6YCcalk1hIY-kaHFZfN79Uo_meyXecDE4JrRI4DHaHZ5j2IBjE9FHP0ByMo00klPMW_d_cONfGKdLVL5HPDtDzjtdAYFmCF4A=s320

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

18b0aa417887f2a73a7ef0acde6ac3c629f5506f8df046626702fea86dc7f9ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v372d2"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="balada-764555.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108123
x-xss-protection: 0
expires: Wed, 18 Oct 2023 12:52:46 GMT

GET
H2 200 AVvXsEjv2q8YoOztrhlAOZiM2k5GhXKiNNrtKaNG8eSyuJ0NWy0f59hhOPRRsrtn-k_oANnuGAa1hT1rXm4L5Hj5h1rBsa8g5G2a2DAsvJgMtkSD8XJX9hCYl_Pp5bvtLY9SBRHJOKHWWsJcoHClezXZv3X7hHuMs5xSTdpfS7nIdPJtms1L9UxX_nOx0fpQZAPu=...
blogger.googleusercontent.com/img/a/ 55 KB
55 KB 738ms
723ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEjv2q8YoOztrhlAOZiM2k5GhXKiNNrtKaNG8eSyuJ0NWy0f59hhOPRRsrtn-k_oANnuGAa1hT1rXm4L5Hj5h1rBsa8g5G2a2DAsvJgMtkSD8XJX9hCYl_Pp5bvtLY9SBRHJOKHWWsJcoHClezXZv3X7hHuMs5xSTdpfS7nIdPJtms1L9UxX_nOx0fpQZAPu=s320

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cafde31053a1b9290fe64ed2480de52aa2d667bfb04cf5fa0a1cd7f8da6eb6dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v372cf"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hud_rp_mta-718530.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56010
x-xss-protection: 0
expires: Wed, 18 Oct 2023 12:52:46 GMT

GET
H2 200 AVvXsEg7E-0Z1QOQRuyktVqn22eDpPS3CMEXu28IgxbQxYWkQ_nliyl3tL70594CmBxzicGxoB7fQil8COoCnFqHocz10feFpi9DrQ8d0okeH5NTkyGlHCoQHsjIzCRBRRXUZFL3qjFTP7utzli5I64qL48G--AfhNJxJpekIM3LJJt-bAPJBC7po8-mYsLCvlDx=...
blogger.googleusercontent.com/img/a/ 46 KB
46 KB 626ms
611ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEg7E-0Z1QOQRuyktVqn22eDpPS3CMEXu28IgxbQxYWkQ_nliyl3tL70594CmBxzicGxoB7fQil8COoCnFqHocz10feFpi9DrQ8d0okeH5NTkyGlHCoQHsjIzCRBRRXUZFL3qjFTP7utzli5I64qL48G--AfhNJxJpekIM3LJJt-bAPJBC7po8-mYsLCvlDx=s320

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e4c12721c12c8d631c434a83e04ccc3a2feba01a20f7a5f78fec2283c6e1fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v372cc"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="4x4_da_grota-768991.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46697
x-xss-protection: 0
expires: Wed, 18 Oct 2023 12:52:46 GMT

GET
H2 200 AVvXsEiDZbWEJ18G-Q3Wp_sRy18mp66XEUMz6yqJqT_zDQS73axVVW2mtKFEJ3uKTcpfRpacekuQJaBMQ_DRkVSBuioHVv3GiZ9kp4e94GLP_ZUCBilXMWm3dHSja92j0q-KDfeFjqFTDx2FAlwJCRfIWF9pGjW7Jnbyi8I3rqggjRfZgUySumpX3ZC3Xe7zXwBg=...
blogger.googleusercontent.com/img/a/ 96 KB
96 KB 711ms
696ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEiDZbWEJ18G-Q3Wp_sRy18mp66XEUMz6yqJqT_zDQS73axVVW2mtKFEJ3uKTcpfRpacekuQJaBMQ_DRkVSBuioHVv3GiZ9kp4e94GLP_ZUCBilXMWm3dHSja92j0q-KDfeFjqFTDx2FAlwJCRfIWF9pGjW7Jnbyi8I3rqggjRfZgUySumpX3ZC3Xe7zXwBg=s320

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7403cac1b961aec340c1ad76a25f15af3eb6f5dceabe6398d5e916de3b4cc4ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v372c8"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="base_vine_corp_fac-771502.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98374
x-xss-protection: 0
expires: Wed, 18 Oct 2023 12:52:46 GMT

GET
H2 200 AVvXsEgrENaGn3KRECYg-dJf44KjAVPXRWBRI9LNRGmRmXrHcZoxrcBH8QdE6FkUYWDr8i72Qpi4V3Qrqs-eXK9hISSp1XSdlOcI1zys_jcmB5ygBSFIMxuGx9B_8PIX7bloZhf7zD5ha6YuUpff3SyvOnJYdAo-HGWuoDW2zB4iPdBba4ud0bVV-07AhCxdTE0K=...
blogger.googleusercontent.com/img/a/ 65 KB
65 KB 834ms
820ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgrENaGn3KRECYg-dJf44KjAVPXRWBRI9LNRGmRmXrHcZoxrcBH8QdE6FkUYWDr8i72Qpi4V3Qrqs-eXK9hISSp1XSdlOcI1zys_jcmB5ygBSFIMxuGx9B_8PIX7bloZhf7zD5ha6YuUpff3SyvOnJYdAo-HGWuoDW2zB4iPdBba4ud0bVV-07AhCxdTE0K=s320

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

261936874db8323fe3f9dcb26eadff7e5933495d1adacec6a5b5c4c905fc892f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v372c5"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="anticheat_privado-775508.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66799
x-xss-protection: 0
expires: Wed, 18 Oct 2023 12:52:46 GMT

GET
H2 200 AVvXsEgHqMQ5Iaxxq14vjycWlVX7P1npcYmEuIvmvVCIDCJUUQDywySRhBq9xHD4H8AGQKfWC3W5OcXRdohez3OW33pRCrYkmB_M-kYh0fVHOeA8NISkAaROqUzSiF5xoU31ZrCu7qp4CVgR7x991giWTf4sUEoR6aelouMppUJaLpB93uyS4SpEJ1rskckyD6aJ=...
blogger.googleusercontent.com/img/a/ 65 KB
66 KB 636ms
622ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgHqMQ5Iaxxq14vjycWlVX7P1npcYmEuIvmvVCIDCJUUQDywySRhBq9xHD4H8AGQKfWC3W5OcXRdohez3OW33pRCrYkmB_M-kYh0fVHOeA8NISkAaROqUzSiF5xoU31ZrCu7qp4CVgR7x991giWTf4sUEoR6aelouMppUJaLpB93uyS4SpEJ1rskckyD6aJ=s320

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

de028813a839acc66324a24e42e73cb33bbd06c6f5e952619bddcadca1ffffe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v372bf"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="skin_adicionar_money-747641.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66970
x-xss-protection: 0
expires: Wed, 18 Oct 2023 12:52:46 GMT

GET
H2 200 carros.png
1.bp.blogspot.com/-eJnejGVuc2U/Wvh7iMLcxxI/AAAAAAAADi8/WiMol2x-_m0-be87PbUSL6m1fa3ynLPrQCLcBGAs/s1600/ 1 KB
1 KB 56ms
42ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-eJnejGVuc2U/Wvh7iMLcxxI/AAAAAAAADi8/WiMol2x-_m0-be87PbUSL6m1fa3ynLPrQCLcBGAs/s1600/carros.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e8e6e587789b21a7e08d8d6f46884076573f0a4db214415f84b64d7cdd8a19c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="carros.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1039
x-xss-protection: 0
server: fife
etag: "ve3f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Oct 2023 12:52:45 GMT

GET
H2 200 armas.png
1.bp.blogspot.com/-1M4K8Z4bQyc/Wvh7iHqOmFI/AAAAAAAADi4/MQ-O835eQkcehONd4RomAMeAtBB7r9ntgCLcBGAs/s1600/ 785 B
877 B 81ms
67ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-1M4K8Z4bQyc/Wvh7iHqOmFI/AAAAAAAADi4/MQ-O835eQkcehONd4RomAMeAtBB7r9ntgCLcBGAs/s1600/armas.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dedfc958e1b0ecdcc47464b42afe5ac842b9726a255f0e3a60f43d6d86c8914a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="armas.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 785
x-xss-protection: 0
server: fife
etag: "ve3c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Oct 2023 12:52:45 GMT

GET
H2 200 graficos.png
2.bp.blogspot.com/-0fe27FYoit0/Wvh7igZQlwI/AAAAAAAADjA/1AIC0MSz1Ssc0Nxz7GnExCTIRgaa6E0WgCLcBGAs/s1600/ 1 KB
1 KB 86ms
67ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-0fe27FYoit0/Wvh7igZQlwI/AAAAAAAADjA/1AIC0MSz1Ssc0Nxz7GnExCTIRgaa6E0WgCLcBGAs/s1600/graficos.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c23a2d8986ccfd0bb59b5c0c93ab4511e0af31fccde9caeb31092105eb21b8cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="graficos.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1241
x-xss-protection: 0
server: fife
etag: "ve3d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Oct 2023 12:52:45 GMT

GET
H2 200 mapas.png
3.bp.blogspot.com/-In0EI-Ic82g/Wvh7i5C1wNI/AAAAAAAADjE/Rzpd-CXStioKhobbcCfEKnbJYAQuxpVcACLcBGAs/s1600/ 836 B
928 B 52ms
38ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-In0EI-Ic82g/Wvh7i5C1wNI/AAAAAAAADjE/Rzpd-CXStioKhobbcCfEKnbJYAQuxpVcACLcBGAs/s1600/mapas.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1596474094d04d00339d7c67778bb6fc7f494651ab764d2d4cb980066ca3c6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="mapas.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 836
x-xss-protection: 0
server: fife
etag: "ve3f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Oct 2023 12:52:45 GMT

GET
H2 200 modscleo.png
1.bp.blogspot.com/-ygmFgRgzepU/Wvh7i7gegxI/AAAAAAAADjI/lNGPzDsGRj8YBp3oV-DogIn22bTCqwONwCLcBGAs/s1600/ 1 KB
1 KB 53ms
39ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ygmFgRgzepU/Wvh7i7gegxI/AAAAAAAADjI/lNGPzDsGRj8YBp3oV-DogIn22bTCqwONwCLcBGAs/s1600/modscleo.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

47c74ecbfd49369ffbca025b4e745d025cbe086cf9444409b59ec8cd0cb1e3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="modscleo.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1253
x-xss-protection: 0
server: fife
etag: "ve3d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Oct 2023 12:52:45 GMT

GET
H2 200 packs.png
2.bp.blogspot.com/-JWqVpQkbMDA/Wvh7jkAarLI/AAAAAAAADjQ/pkQO0dcL3QwDITmWXGVslE23Gx0031BUwCLcBGAs/s1600/ 937 B
1022 B 85ms
65ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-JWqVpQkbMDA/Wvh7jkAarLI/AAAAAAAADjQ/pkQO0dcL3QwDITmWXGVslE23Gx0031BUwCLcBGAs/s1600/packs.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b50535baea69278e8fd05690a6db46b29464f15bf86ef045d82566bbe1399147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="packs.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 937
x-xss-protection: 0
server: fife
etag: "ve40"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Oct 2023 12:52:45 GMT

GET
H2 200 programas.png
1.bp.blogspot.com/-1C6I6IP4mEE/Wvh7jzHEfQI/AAAAAAAADjU/_VDdlzG69nQiYXqUwj9iO_5v-WxDtk_5ACLcBGAs/s1600/ 786 B
881 B 55ms
41ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-1C6I6IP4mEE/Wvh7jzHEfQI/AAAAAAAADjU/_VDdlzG69nQiYXqUwj9iO_5v-WxDtk_5ACLcBGAs/s1600/programas.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

59b965941e86234e51933d54667d5c1d48e2d4465d0ec3c94c7203175252af37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="programas.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786
x-xss-protection: 0
server: fife
etag: "ve40"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Oct 2023 12:52:45 GMT

GET
H2 200 rodas.png
4.bp.blogspot.com/-Ao1DOBAaRnk/Wvh7kC4TEVI/AAAAAAAADjY/b4wsDxf1umkPaBUSWlY-HLWUR-plvGhrwCLcBGAs/s1600/ 1 KB
1 KB 83ms
62ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-Ao1DOBAaRnk/Wvh7kC4TEVI/AAAAAAAADjY/b4wsDxf1umkPaBUSWlY-HLWUR-plvGhrwCLcBGAs/s1600/rodas.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

11d89cc1ade8c52c50246e69066c1e814d52815eb8f50140bd33d24835f49970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="rodas.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1252
x-xss-protection: 0
server: fife
etag: "ve3e"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Oct 2023 12:52:45 GMT

GET
H2 200 skins.png
4.bp.blogspot.com/-mp04nBROCMw/Wvh7k5_tFyI/AAAAAAAADjk/dD9vqwJGYPo4FWvvARfJMu8YUbj4KLKvQCLcBGAs/s1600/ 827 B
912 B 87ms
66ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-mp04nBROCMw/Wvh7k5_tFyI/AAAAAAAADjk/dD9vqwJGYPo4FWvvARfJMu8YUbj4KLKvQCLcBGAs/s1600/skins.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1f1689ac85e5304679abe495fdfeaebda9811a43abfa74fe9b699a9a375de605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="skins.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 827
x-xss-protection: 0
server: fife
etag: "ve3e"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Oct 2023 12:52:45 GMT

GET
H2 200 tutoriais.png
2.bp.blogspot.com/-k6gQGHaMo6c/Wvh7k6npKyI/AAAAAAAADjo/MSRvdkkGR3IS7srjiq47oDfzANZTVlNWQCLcBGAs/s1600/ 1006 B
1 KB 81ms
62ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-k6gQGHaMo6c/Wvh7k6npKyI/AAAAAAAADjo/MSRvdkkGR3IS7srjiq47oDfzANZTVlNWQCLcBGAs/s1600/tutoriais.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f76c2605ff52998b3da702bcb22d1151a20a09fb06fd2a3a50a6ed94f0d3e444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="tutoriais.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1006
x-xss-protection: 0
server: fife
etag: "ve40"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Oct 2023 12:52:45 GMT

GET
H2 200 velocimetros.png
3.bp.blogspot.com/-UDuO_N44IB8/Wvh7lAwCTnI/AAAAAAAADjs/ZBhWyC_UmvIa41f4Cj5mfaK88bS-GqbRQCLcBGAs/s1600/ 1 KB
1 KB 55ms
43ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-UDuO_N44IB8/Wvh7lAwCTnI/AAAAAAAADjs/ZBhWyC_UmvIa41f4Cj5mfaK88bS-GqbRQCLcBGAs/s1600/velocimetros.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

46b6c4427134cdf8dd2be5d8d4a1524b1cc59cbd5d264eda2a59f09e294cc93f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="velocimetros.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1030
x-xss-protection: 0
server: fife
etag: "ve3f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Oct 2023 12:52:45 GMT

GET
H2 200 radar.png
4.bp.blogspot.com/-hHhE9e9l55s/Wvh7kc-XOkI/AAAAAAAADjc/S48wgv_J7FoJpebd7VvpB-p28cujdR6DgCLcBGAs/s1600/ 1 KB
1 KB 32ms
31ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-hHhE9e9l55s/Wvh7kc-XOkI/AAAAAAAADjc/S48wgv_J7FoJpebd7VvpB-p28cujdR6DgCLcBGAs/s1600/radar.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

43e319a44aa00e9a28633c54266b7d1d5d3eb873dcbe1a811c737cf755f53684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="radar.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1413
x-xss-protection: 0
server: fife
etag: "ve40"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Oct 2023 12:52:45 GMT

GET
H2 200 texturas.png
1.bp.blogspot.com/-pEjOBy_XkLM/Wvh7kgqr-BI/AAAAAAAADjg/2WfKowapRHMstQgpPmuVf9mqL_4RbWn2gCLcBGAs/s1600/ 877 B
964 B 52ms
40ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-pEjOBy_XkLM/Wvh7kgqr-BI/AAAAAAAADjg/2WfKowapRHMstQgpPmuVf9mqL_4RbWn2gCLcBGAs/s1600/texturas.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

642a61ffd87e5d96d2848bca78f87b57652e1b43b3411f256bb122bb03215d19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="texturas.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 877
x-xss-protection: 0
server: fife
etag: "ve3d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Oct 2023 12:52:45 GMT

GET
H2 200 outros.png
4.bp.blogspot.com/-vKNaogAvCOY/Wvh7jYIwAJI/AAAAAAAADjM/bwxbFjMCFm0JrwrXbr0_9ZFmAH_WpEw0ACLcBGAs/s1600/ 806 B
891 B 30ms
30ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-vKNaogAvCOY/Wvh7jYIwAJI/AAAAAAAADjM/bwxbFjMCFm0JrwrXbr0_9ZFmAH_WpEw0ACLcBGAs/s1600/outros.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

461fb386afd58fa93e97c91671fe6121c8bc71ffb7a42c939c77f9487ed30857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="outros.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 806
x-xss-protection: 0
server: fife
etag: "ve3e"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Oct 2023 12:52:45 GMT

GET
H3 200 23847.png
2.bp.blogspot.com/-GHVl0EYxCrs/WmO5iyZtGZI/AAAAAAAABc4/-nDT1xOWV4YR4JTGyRlHulvMb12SrKokACK4BGAYYCw/s72-c/ 8 KB
8 KB 35ms
33ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-GHVl0EYxCrs/WmO5iyZtGZI/AAAAAAAABc4/-nDT1xOWV4YR4JTGyRlHulvMb12SrKokACK4BGAYYCw/s72-c/23847.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

314b5d0da9065dd1eb655e61ccf601df386491dea2ab2c525ceee276ca0061ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="23847.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8140
x-xss-protection: 0
server: fife
etag: "v5d1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Oct 2023 12:52:45 GMT

GET
H2 200 %25282%2529%255Bwww.gtamodextreme.com%255D.jpg
1.bp.blogspot.com/-kuj6PboTj2I/ULoEULUoJpI/AAAAAAAAAcc/WmTd6KVfghs/s72-c/ 3 KB
3 KB 52ms
41ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-kuj6PboTj2I/ULoEULUoJpI/AAAAAAAAAcc/WmTd6KVfghs/s72-c/%25282%2529%255Bwww.gtamodextreme.com%255D.jpg

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c148b0cd1e4a5e4c86a5174228c7998514f8883a645957e3d189fa9dd6e2516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="(2)[www.gtamodextreme.com].jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2716
x-xss-protection: 0
server: fife
etag: "v1c7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Oct 2023 12:52:45 GMT

GET
H2

200

unlipage.js Show response
cdn.jsdelivr.net/gh/Arlina-Design/redvision@master/
Redirect Chain

https://cdn.rawgit.com/Arlina-Design/redvision/master/unlipage.js
https://cdn.jsdelivr.net/gh/Arlina-Design/redvision@master/unlipage.js

4 KB
2 KB

80ms
40ms

Script
application/javascript

2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/Arlina-Design/redvision@master/unlipage.js

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c93efc9f61620f152f69f2db294b4e3653f70935208e582f3921a910f33e42ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9666
x-jsd-version: master
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230047-FRA, cache-yyz4557-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"1167-W/SS8JozHMByS3cMJQo6M6lV3Fw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rH0eDHfyIhmRnJmxD8t9tNL0J%2BHClqZi20RP0I2SQweKPe7vpIXrtOVFwHkzoImvYlUdY2v8QEa0QP%2F%2FADrFJhI9OxywjXOrv8kC6nCbQ8elexBwcPdyV6DbQ%2FTJlSzHWqNe0yeBGVseZce8fhs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8178ae3abc901e5a-FRA

Redirect headers

date: Tue, 17 Oct 2023 12:52:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cdn-edgestorageid: 1081
age: 28312
x-cache: MISS, HIT
cdn-cachedat: 10/17/2023 12:52:45
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
content-length: 104
x-served-by: cache-fra-eddf8230049-FRA, cache-chi-kigq8000154-CHI
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 301
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://cdn.jsdelivr.net/gh/Arlina-Design/redvision@master/unlipage.js
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers: *
cache-control: public, max-age=2592000
cdn-cache: EXPIRED
cdn-requestid: b221a8ac11fa175bd44bfe7e13038ab4
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 301
cdn-requestpullsuccess: True

GET
H2 200 cookienotice.js Show response
www.mtabrasil.com.br/js/ 6 KB
2 KB 40ms
29ms Script
text/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtabrasil.com.br/js/cookienotice.js

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2023 16:57:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 24 Oct 2023 12:52:45 GMT

GET
H2 200 872616150-widgets.js Show response
www.blogger.com/static/v1/widgets/ 157 KB
157 KB 35ms
19ms Script
text/javascript 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/872616150-widgets.js

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a4b7664b8ac5c6fed73579023d5121e2d06c488d89f0b4b17d999c76401e3b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 02:02:21 GMT
x-content-type-options: nosniff
age: 125424
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160451
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 01:52:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 15 Oct 2024 02:02:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 106ms
32ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44286bf2d62fae3954fd0e7c7b4d384b8b8b31db1b19ce3af6e00af8aacf624f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Oct 2023 12:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:33:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Oct 2023 12:52:45 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/ 28 KB
7 KB 73ms
27ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a87d4a4d40583c35087e6af0246f7e54156def5837f14ef2551d89fb9c1330fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 755
age: 22325914
cdn-cachedat: 11/06/2021 15:50:09
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0efbdf4c2e52f6c1342d5b3eaff192f9
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8178ae398bff1ad7-FRA
cdn-requestpullsuccess: True

GET
H2 200 authorization.css
draft.blogger.com/dyn-css/ 1 B
684 B 625ms
596ms Stylesheet
text/css 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://draft.blogger.com/dyn-css/authorization.css?targetBlogID=6854827706309699580&zx=15267bb6-3345-4e4c-9ed1-902e8f1fe647

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Tue, 17 Oct 2023 12:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Oct 2023 12:52:46 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 default Show response
www.mtabrasil.com.br/feeds/posts/ 5 KB
2 KB 300ms
290ms Script
text/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtabrasil.com.br/feeds/posts/default?alt=json-in-script&max-results=0&callback=randomposts

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

0d4b1ed60adaf595e15acc11ffeb39d60f9ca9c8b8c8e086ab716b00d1a594e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Oct 2023 09:15:40 GMT
server: blogger-renderd
etag: W/"36b6074481cfd71cd00860f2eb96e69e212108433ccbadeed27410bf8be8adbb"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 1400
x-xss-protection: 0
expires: Tue, 17 Oct 2023 12:52:46 GMT

GET
H2 200 cN4HoB9.png
1.bp.blogspot.com/-sLV0-yo3ZY0/WvfBXThu0LI/AAAAAAAADiQ/pQq3Mq1bVIYQlG9qfyKRwNoK6CuydrkqgCLcBGAs/s1600/ 32 KB
32 KB 54ms
44ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-sLV0-yo3ZY0/WvfBXThu0LI/AAAAAAAADiQ/pQq3Mq1bVIYQlG9qfyKRwNoK6CuydrkqgCLcBGAs/s1600/cN4HoB9.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61b671513e301a8d42a0df300e0c2699c23dc3827f8696a633f8d9e7a14fc5b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="cN4HoB9.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32897
x-xss-protection: 0
server: fife
etag: "ve25"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Oct 2023 12:52:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 72ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mtabrasil.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 16:12:51 GMT
x-content-type-options: nosniff
age: 419994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 16:12:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 74ms
27ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mtabrasil.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 03:37:30 GMT
x-content-type-options: nosniff
age: 465315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 03:37:30 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ 393 KB
133 KB 137ms
97ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4323052034044684&plah=www.mtabrasil.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4323052034044684

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b0b615cbaaa8237f1523a442249cce5e75b64d08d06f2f1d388de6c33974130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136614
x-xss-protection: 0
server: cafe
etag: 7719922228681288154
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 12:52:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame D8C7 10 KB
5 KB 67ms
18ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4323052034044684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mtabrasil.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 86190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 12:56:15 GMT
etag: 2603938475786422795
expires: Mon, 30 Oct 2023 12:56:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 default Show response
www.mtabrasil.com.br/feeds/posts/ 9 KB
2 KB 418ms
416ms Script
text/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtabrasil.com.br/feeds/posts/default?alt=json-in-script&start-index=4201&max-results=1&callback=random_posts

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

6138c1cdc56a91c642e41a806384d5f0dd888103f3533668982aa5bb148607d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Oct 2023 09:15:40 GMT
server: blogger-renderd
etag: W/"58efe9f6eca40348643124af07bf16dbda6ff2cb89bbc21e36d6624c2a98a573"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 2190
x-xss-protection: 0
expires: Tue, 17 Oct 2023 12:52:47 GMT

GET
H2 200 default Show response
www.mtabrasil.com.br/feeds/posts/ 13 KB
3 KB 553ms
551ms Script
text/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtabrasil.com.br/feeds/posts/default?alt=json-in-script&start-index=6633&max-results=1&callback=random_posts

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

3b9cacabccfb377c6bcc52cf0aa57f7d276ab8e246f512f729a70ecaa332752a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Oct 2023 09:15:40 GMT
server: blogger-renderd
etag: W/"2822c6d3fe55c1b1c4554b75cd9287c3ad0a08d03a9e8e35d52bfc439462018a"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 2557
x-xss-protection: 0
expires: Tue, 17 Oct 2023 12:52:47 GMT

GET
H2 200 default Show response
www.mtabrasil.com.br/feeds/posts/ 9 KB
2 KB 845ms
844ms Script
text/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtabrasil.com.br/feeds/posts/default?alt=json-in-script&start-index=7515&max-results=1&callback=random_posts

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

ef7bef07a99747d86e42557cf3c2368e5fab7f04eed4817e1ef02558923759ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Oct 2023 09:15:40 GMT
server: blogger-renderd
etag: W/"32eb9468dff70bf26ee9e575959e1a8557a2a16bb7a06f40cadf6ec12b47714d"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 2308
x-xss-protection: 0
expires: Tue, 17 Oct 2023 12:52:47 GMT

GET
H2 200 default Show response
www.mtabrasil.com.br/feeds/posts/ 10 KB
3 KB 829ms
828ms Script
text/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtabrasil.com.br/feeds/posts/default?alt=json-in-script&start-index=920&max-results=1&callback=random_posts

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

68960786df3fff487a253ab36201133a3a8b0ac8fc001c50fd1310e0809e0e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Oct 2023 09:15:40 GMT
server: blogger-renderd
etag: W/"144abbda6e2def73ba97d6f341d6447ecd4b020288bbed172c6f6976438a89de"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 2720
x-xss-protection: 0
expires: Tue, 17 Oct 2023 12:52:47 GMT

GET
H2 200 default Show response
www.mtabrasil.com.br/feeds/posts/ 9 KB
2 KB 845ms
844ms Script
text/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtabrasil.com.br/feeds/posts/default?alt=json-in-script&start-index=4649&max-results=1&callback=random_posts

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

8f65077e60a7c0fb701f938dd01c3de80e00781c0a61616a0b05c5c2b72c1e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Oct 2023 09:15:40 GMT
server: blogger-renderd
etag: W/"2ed83e13debf3cff33eba54e09221a1b7a0e23812ac080b961bfeea9ecb4c555"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 2313
x-xss-protection: 0
expires: Tue, 17 Oct 2023 12:52:47 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
607 B 75ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.mtabrasil.com.br&callback=_gfp_s_&client=ca-pub-4323052034044684

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4323052034044684&plah=www.mtabrasil.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db2a6b983da08bef060545ad2f0d53910fa42d5b6236e8dca807cbcd61ff726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 72C9 243 KB
60 KB 653ms
651ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4323052034044684&output=html&adk=1812271804&adf=3025194257&lmt=1697526940&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fwww.mtabrasil.com.br%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697547165802&bpp=4&bdt=320&idt=232&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7813737685194&frm=20&pv=2&ga_vid=1952640464.1697547166&ga_sid=1697547166&ga_hid=1716827345&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44805112%2C44805681%2C44803791&oid=2&pvsid=52908468450986&tmod=1130850509&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=257

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e573ef2550d1d915ebcfc08fda0bb978ec82834a361f4c5624681d0ee67186e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mtabrasil.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 61534
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 12:52:46 GMT
expires: Tue, 17 Oct 2023 12:52:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 29D0 127 KB
42 KB 592ms
591ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4323052034044684&output=html&h=280&slotname=4566626139&adk=1521581065&adf=3406112085&pi=t.ma~as.4566626139&w=1030&fwrn=4&fwrnh=100&lmt=1697526940&rafmt=1&format=1030x280&url=https%3A%2F%2Fwww.mtabrasil.com.br%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697547165806&bpp=2&bdt=324&idt=267&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7813737685194&frm=20&pv=1&ga_vid=1952640464.1697547166&ga_sid=1697547166&ga_hid=1716827345&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44805112%2C44805681%2C44803791&oid=2&pvsid=52908468450986&tmod=1130850509&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NoDfLKX28e&p=https%3A//www.mtabrasil.com.br&dtd=273

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0333052a117e725be05bfd42fa506ecf423c467436b80d276542ce6ab6687ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mtabrasil.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42869
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 12:52:46 GMT
expires: Tue, 17 Oct 2023 12:52:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 authorization.css
draft.blogger.com/dyn-css/ 1 B
43 B 597ms
597ms Stylesheet
text/css 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://draft.blogger.com/dyn-css/authorization.css?targetBlogID=6854827706309699580&zx=15267bb6-3345-4e4c-9ed1-902e8f1fe647

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Tue, 17 Oct 2023 12:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Oct 2023 12:52:46 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 print.png
4.bp.blogspot.com/-e2f9jTHhA3M/XOVcU0aZ7NI/AAAAAAAADLI/LafMkfNp_y0XyxlVTj41nWRg8j-OsGsrACLcBGAs/s72-c/ 7 KB
7 KB 339ms
338ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-e2f9jTHhA3M/XOVcU0aZ7NI/AAAAAAAADLI/LafMkfNp_y0XyxlVTj41nWRg8j-OsGsrACLcBGAs/s72-c/print.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

224ac27333a2d5651916ce51a692fd08fd0332ef7b64baa8e7384381e8ff8efb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
x-content-type-options: nosniff
server: fife
etag: "vcb8"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="print.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7182
x-xss-protection: 0
expires: Wed, 18 Oct 2023 12:52:46 GMT

GET
H3 200 307468-gta-sa-2015-11-25-15-54-08-38.jpg
2.bp.blogspot.com/-4OP4rtqWYMg/Wk4FCbB3yVI/AAAAAAAAANc/MKu9EToHb7MNLmAErtj79hYgdgQP0eNWACLcBGAs/s72-c/ 3 KB
3 KB 324ms
324ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-4OP4rtqWYMg/Wk4FCbB3yVI/AAAAAAAAANc/MKu9EToHb7MNLmAErtj79hYgdgQP0eNWACLcBGAs/s72-c/307468-gta-sa-2015-11-25-15-54-08-38.jpg

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8429ef3c6476a82f5c44552ec506ff5091232dee09969fe5595fbb6c8259770c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
x-content-type-options: nosniff
server: fife
etag: "vd8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="307468-gta-sa-2015-11-25-15-54-08-38.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3367
x-xss-protection: 0
expires: Wed, 18 Oct 2023 12:52:46 GMT

GET
H2 200 88cf7d8f92971695aa333eeba8ca195d.js Show response
www.gstatic.com/mysidia/ Frame 29D0 9 KB
4 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4323052034044684&output=html&h=280&slotname=4566626139&adk=1521581065&adf=3406112085&pi=t.ma~as.4566626139&w=1030&fwrn=4&fwrnh=100&lmt=1697526940&rafmt=1&format=1030x280&url=https%3A%2F%2Fwww.mtabrasil.com.br%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697547165806&bpp=2&bdt=324&idt=267&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7813737685194&frm=20&pv=1&ga_vid=1952640464.1697547166&ga_sid=1697547166&ga_hid=1716827345&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44805112%2C44805681%2C44803791&oid=2&pvsid=52908468450986&tmod=1130850509&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NoDfLKX28e&p=https%3A//www.mtabrasil.com.br&dtd=273

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 12:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 432442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3923
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 01:21:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 12:45:24 GMT

GET
H2 200 f9452dcf4f221a00d49f3197c484e17d.js Show response
www.gstatic.com/mysidia/ Frame 29D0 11 KB
5 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9452dcf4f221a00d49f3197c484e17d.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4599
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 01:21:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 21:18:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 29D0 14 KB
1 KB 30ms
29ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Oct 2023 12:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 11:04:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Oct 2023 12:52:46 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 29D0 2 KB
973 B 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:37:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 13:37:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 29D0 23 KB
9 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:36:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 13:36:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 29D0 3 KB
1 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 19:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 19:59:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 29D0 20 KB
9 KB 69ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83797
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 13:36:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 29D0 187 KB
59 KB 78ms
29ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 12:52:46 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 29D0 35 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 21:16:14 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ 157 KB
53 KB 119ms
119ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03d7c27d48e30f626b427e4335c4a5a113be05599e4e30d95b7f3e1d5d09f4fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54685
x-xss-protection: 0
server: cafe
etag: 17214288286074822842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 12:52:46 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0356 143 B
166 B 20ms
19ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4323052034044684&output=html&h=280&slotname=4566626139&adk=1521581065&adf=3406112085&pi=t.ma~as.4566626139&w=1030&fwrn=4&fwrnh=100&lmt=1697526940&rafmt=1&format=1030x280&url=https%3A%2F%2Fwww.mtabrasil.com.br%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697547165806&bpp=2&bdt=324&idt=267&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7813737685194&frm=20&pv=1&ga_vid=1952640464.1697547166&ga_sid=1697547166&ga_hid=1716827345&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44805112%2C44805681%2C44803791&oid=2&pvsid=52908468450986&tmod=1130850509&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NoDfLKX28e&p=https%3A//www.mtabrasil.com.br&dtd=273
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 12:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Screenshot_1.png
2.bp.blogspot.com/-UqTFMXc_1C8/WI4hVIiXSXI/AAAAAAAACdo/e069ashdHboEFADwaE7o-HV9iWjsKNYbQCLcB/s72-c/ 10 KB
10 KB 323ms
322ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-UqTFMXc_1C8/WI4hVIiXSXI/AAAAAAAACdo/e069ashdHboEFADwaE7o-HV9iWjsKNYbQCLcB/s72-c/Screenshot_1.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a87914182bcce4ad5987f9d661d1770ed3c633724d0b7773a5b6b8ee726b6cd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v9db"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Screenshot_1.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10117
x-xss-protection: 0
expires: Wed, 18 Oct 2023 12:52:47 GMT

GET
H3 200 sistema_samu_aplicativo-706368.png
1.bp.blogspot.com/-hZnp8AT8MwI/YS0J6ppfg-I/AAAAAAAC11s/kGM638PnHmoEM_z4B-876iiEE-H17IdbwCK4BGAYYCw/s72-c/ 7 KB
7 KB 36ms
34ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-hZnp8AT8MwI/YS0J6ppfg-I/AAAAAAAC11s/kGM638PnHmoEM_z4B-876iiEE-H17IdbwCK4BGAYYCw/s72-c/sistema_samu_aplicativo-706368.png

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c9c368af37832bc0fd3864aa5da9ebc4be1c9b2f6c1bac2a5beae0abda503fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="sistema_samu_aplicativo-706368.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7105
x-xss-protection: 0
server: fife
etag: "v2d761"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Oct 2023 12:52:46 GMT

GET
H3 200 IMG-20190117-WA0021.jpg
2.bp.blogspot.com/-7TgZwiNyB7Q/XEE2rW0jPAI/AAAAAAAAFbc/2_MFRvOeYIYSP6OxgSc8GcTAMENAi93nQCLcBGAs/s72-c/ 3 KB
3 KB 382ms
380ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-7TgZwiNyB7Q/XEE2rW0jPAI/AAAAAAAAFbc/2_MFRvOeYIYSP6OxgSc8GcTAMENAi93nQCLcBGAs/s72-c/IMG-20190117-WA0021.jpg

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2a6dc690db44b512a4b1ed4886a53d93b5bae8e9f073f8b7f948c7f361ca8f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v15b8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG-20190117-WA0021.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2940
x-xss-protection: 0
expires: Wed, 18 Oct 2023 12:52:47 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.0/fonts/ 69 KB
70 KB 56ms
32ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/fonts/fontawesome-webfont.woff2?v=4.6.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1732796c9dfafddff16db9660e67a879d723f376b0160cccad730c6c414eed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css
Origin: https://www.mtabrasil.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632
age: 776793
cdn-cachedat: 02/05/2022 16:58:03
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 70700
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "7b4635e4bc709f12d7ac73f4d8c5261e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e66d2288a8bb87ca614559459a7d4704
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8178ae40a8b02c16-FRA
cdn-requestpullsuccess: True

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3F09 436 B
237 B 535ms
534ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4323052034044684&output=html&h=250&slotname=2978814935&adk=3639742176&adf=4055455487&pi=t.ma~as.2978814935&w=315&fwrn=4&fwrnh=100&lmt=1697526940&rafmt=1&format=315x250&url=https%3A%2F%2Fwww.mtabrasil.com.br%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697547166788&bpp=9&bdt=1306&idt=9&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da8c3a752e23ceac8-22db5afc9ae400ab%3AT%3D1697547166%3ART%3D1697547166%3AS%3DALNI_Mbmqs3rgQNlV1DBYVz78PifwmduIA&gpic=UID%3D00000d9a5e094630%3AT%3D1697547166%3ART%3D1697547166%3AS%3DALNI_MaxAlCm1TrKfD7n5DqOgbSh6uilqw&prev_fmts=0x0%2C1030x280&nras=1&correlator=7813737685194&frm=20&pv=1&ga_vid=1952640464.1697547166&ga_sid=1697547166&ga_hid=1716827345&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=965&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44805112%2C44805681%2C44803791&oid=2&pvsid=52908468450986&tmod=1130850509&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hQL3eQhFL1&p=https%3A//www.mtabrasil.com.br&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

244fca4968cff3e7ffdedb23faeb7f56092abfbad04f6733bb97644568aadfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mtabrasil.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 12:52:47 GMT
expires: Tue, 17 Oct 2023 12:52:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 29D0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 082e7abd8b83c89c171b5ff8caeb84f82cf98f2d27dfd50c75990ebcf13f8aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 60ms
19ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b24ef14f8263c716d5e80695e3dfb47616b59f503322a88a19fc61140a781c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 17 Oct 2023 12:52:46 GMT
content-md5: +pR8tDgtAnCeD0BtQggY5Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: Bqkfr4v54piu8etCYebFxict4lLz4JbObtaKUJCBzLVBRAaXf0O2o37yIjJiZ+LgYmHSvnoJLrjxy2FODR0pYg==
x-fb-content-md5: 5944eb946e18f81cf150d5d66df9c921
cross-origin-opener-policy: same-origin-allow-popups
etag: "ea61adacf6e215ac4be4ebff201c39d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 17 Oct 2023 13:11:40 GMT

GET
H2 200 summary Show response
www.mtabrasil.com.br/feeds/posts/ 7 KB
2 KB 302ms
301ms Script
text/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtabrasil.com.br/feeds/posts/summary?max-results=1&alt=json-in-script&callback=hitungtotaldata

Requested by

Host: cdn.rawgit.com
URL: https://cdn.rawgit.com/Arlina-Design/redvision/master/unlipage.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

551ba6aaddd800c8efa2e966598f1e80666966df6275f20c7ac26ad13855dbf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Oct 2023 09:15:40 GMT
server: blogger-renderd
etag: W/"a1d5d306c4890bae2b68a94121f723bc4b604a68032b59723a23f402a306364f"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 2156
x-xss-protection: 0
expires: Tue, 17 Oct 2023 12:52:47 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0356
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
36ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 12:52:47 GMT
expires: Tue, 17 Oct 2023 12:52:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 12:52:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 29D0 33 KB
33 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 13408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Oct 2024 09:09:18 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/pt_BR/ 302 KB
86 KB 40ms
20ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=e8ad16cdad422f0d796510d5f6d72491

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83b5326ee7986f295b8a888302f083b5dabace40a65c920d92423a88bbd841f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.mtabrasil.com.br/
Origin: https://www.mtabrasil.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 17 Oct 2023 12:52:46 GMT
content-md5: U0zwKQahtKqrZB1MiN+0+g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88329
x-fb-debug: zdzkmLAjfY5HSlHcz+V2nYz6Smb5qptx+r0bAoKmqcRvdR8lkvjs27FoLyqW7KdwtctY+nDFqJKD5w/jXJDCPQ==
x-fb-content-md5: e53ae10535a94d72c587e9eaaf2612da
cross-origin-opener-policy: same-origin-allow-popups
etag: "298ab6dc90931ec1930ad4d4161e271c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 16 Oct 2024 06:12:53 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 1E80 10 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mtabrasil.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 10:26:49 GMT
etag: 2603938475786422795
expires: Tue, 31 Oct 2023 10:26:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 9B51 10 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mtabrasil.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 10:26:49 GMT
etag: 2603938475786422795
expires: Tue, 31 Oct 2023 10:26:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 1E80 4 KB
671 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Oct 2023 12:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 11:05:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Oct 2023 12:52:47 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1E80 205 B
229 B 21ms
19ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 01:08:26 GMT
x-content-type-options: nosniff
age: 474260
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Oct 2024 01:08:26 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1E80 604 B
628 B 23ms
21ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:08:01 GMT
x-content-type-options: nosniff
age: 481486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 10 Oct 2024 23:08:01 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 1E80 15 KB
7 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 16:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 6101707970674548951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 16:13:09 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 1E80 20 KB
8 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:39:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 11420928434021954480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 13:39:24 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 08BC 198 KB
56 KB 206ms
117ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS6DngACZhQKZOxHAAne9LtcxG9niQHNfQxu5A&u=%7CH3ZczWWiwdp0r01SFUCC08aeGimkcOVIhgZFK8bsS20%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wflJwflICTGAuRLQg6lPZPNJTH__2R5IR7Xals79ZUJ6D4tNNDpLFQf3z90uqjdMb-DF_KOcWWhXRdyZccG4-KD8ULrDwsJ2XBg4bY4W0T6yL8PTFtcHsgCFf1MW8TFaZPG96ZqgnU-SJzssQRraazdz1-uid8AmBo0jTAiZhhurIWNVEPefH9FXBpzPkywg-CfGabzYRp6uDERs3pnJLWqKicrPhT7_2SpQPNld2WBO85Hh4_AotNfpLUHaqWkVP_hizdUSI9TADpoGbxv28NCVaCyFYZm4FN6hVLha1urNlW1m3ZWTpUDVzU0i1dV-_0cz-y7OrOBY5q0oGxWc8EUjTctnJ-yhoytIEE4PcEcLgl0QqMb8tpDXnq4WNDXNEqO5g4umAY0JcNOXtnl2aVBfqSJHWGAJ97E4-oemYUWftlA7VMFL4HlD6DW3M8zfDVvbTyJs78Q06jvhUZX6ciPkgBF5M1Kw_OoyahGeSF3t_6elv5x-g7S0-bUFaD6s2QYsKKLHYzCHOT_uvFon6j4GoHyg-yzD_wX-LE5L584cHrlFSj3y9Vb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVwV1noMuZZTMCcfYkwP0vafQDsme0rFcvfGU93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNDMyMzA1MjAzNDA0NDY4NMgBCakCrw-u59axsT6oAwHIAwKqBIUCT9A4ya90DptYS-F_Ugg-w3qzRTC1cO2Ej9F30Ot9FIoWd0sZlyTLmnarTGYCGFgZnlqjStSw3f294V99G1xT4SO9McQRBdIjhpY9XZ6zv1WO6QGrYlUjv1UgBk9aKlpfxWI7d9kNRCURCvf51X5ncvpmtd8pcqthCvLxpZPu_s8qr5EPdnNYgmn0JYYqTUVdWo2a5FCRm6LmW6zcflEWIrds7yxTJS0g0ySNhjA4W_oGomjfqDOu5MEwQdft-E5n9E2ccCI2ATfQiFM1Ui_ru3qtTqHuxKoFvBbqFHalpkt_Vo8Wpit5k-7a5EYa_C3XuFWno0PGiSxOHpFwvzveENiBUgw1gAaU4vC72MW79JUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09-Qj_ydv4E8QQq3FqVwjEXHcB7g%26client%3Dca-pub-4323052034044684%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7902911207c3b5023bd439292aaf50589e10076e3bfd86f6dc49e9d13510090c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 12:52:46 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=yJBkSvVU8RMMURUm1Lrksih_pWvhmWevHHdBcgFNuUxbKcWy9NhBHTRD5Ox0GDM86L884r_oGpJoSI1JG4W6nSIhR3FSosXhVpopeKjDLCz2G4pe_VI9l-qNhZbnnvhPZ859CBrF7fW_kI595OI-ZKMDIWr1KZI5IHOSX6h4j-KfOO72B1krQ9C-O2Tk9BR0Gb9P8ZbqqgIpRasrMKQx1cgssGbByXs2wpwM4NKkc6zLIZOFOBJ3NJWEk0i9KJPA5WF61Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 64281335
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 9B51 3 KB
1 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 19:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 19:59:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 9B51 20 KB
8 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83798
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 13:36:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B51 187 KB
59 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 12:52:47 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1CA5 11 KB
1 KB 31ms
31ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdcaa771e7265ff69e374f9fef053fd9ae91567074983aa1a61bf74a3001490b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Oct 2023 12:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 11:36:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Oct 2023 12:52:47 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 1CA5 2 KB
892 B 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:37:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 13:37:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 1CA5 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:36:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83796
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 13:36:11 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2A0C 143 B
166 B 23ms
20ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 12:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 1CA5 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 19:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 19:59:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 1CA5 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83798
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 13:36:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1CA5 187 KB
59 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 12:52:47 GMT

GET
H3 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 1CA5 35 KB
14 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 21:16:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 29D0 0
23 B 68ms
67ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvxYsnoMuZdrbCrbB5LcP3aiw8AXPpoiZc6GRuZX8EdrZHhABIOjOmilglQKgAZrTuf8CyAEBqQKvD67n1rGxPqgDAcgDywSqBJQCT9D9hO7eSz6izZBWze801QNiNKQibdNwRAgtFMbfauMM4T5k7FcV_OX3TEc7RBPvAT_IyndUzFX4ug4wRONQS3pWmGUGV2jAIvRjNnfXgAo3g0fkL8MVKBlnCBd5aQ_8gKYlKv3AVjT56YJpVX8dnjteBkgshyqb_kRX0fUkWm-MH3ebhkD6Fq9Y_NJqkmX6TT320naAmN9v8TfAdBEOZpkDncaCOheNN1FA_hKIo-__r8f-mqMPpK3-H1nu1D1XwF4G0T1jYasdaquqlnfSDQDDQ5GLPtysg8-LNhyyTTkZgTnaqwsH_UmDyjIuJOM8fvR9lIBmoEmbyWQfJisC99UjVS2HkoaXQZYAJTSdQA02UmiYwATRjMrprwSIBcOlo5hMkgUECAQYAZIFBAgFGASAB86sxoABqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ3tsM0ggWCIDhgHAQARgfMgLrAjoCgEBIvf3BOoAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi00MzIzMDUyMDM0MDQ0Njg0GAA&sigh=hW1kfppWw_g&uach_m=[UACH]&cid=CAQSSwDICaaNgqhplf0CeeKOx5YOj33xne8mb3Ukd1FQ5Ql9yxqmhqVHLVYdoIwg2symipZ4YFaaOMa5deNaRELmQkehMP257HwvOKaTWxgB&cbvp=2&vis=1

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4323052034044684&output=html&h=280&slotname=4566626139&adk=1521581065&adf=3406112085&pi=t.ma~as.4566626139&w=1030&fwrn=4&fwrnh=100&lmt=1697526940&rafmt=1&format=1030x280&url=https%3A%2F%2Fwww.mtabrasil.com.br%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697547165806&bpp=2&bdt=324&idt=267&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7813737685194&frm=20&pv=1&ga_vid=1952640464.1697547166&ga_sid=1697547166&ga_hid=1716827345&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44805112%2C44805681%2C44803791&oid=2&pvsid=52908468450986&tmod=1130850509&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NoDfLKX28e&p=https%3A//www.mtabrasil.com.br&dtd=273
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 17 Oct 2023 12:52:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 17 Oct 2023 12:52:47 GMT

GET
H3 200 e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js Show response
pagead2.googlesyndication.com/bg/ Frame BAD8 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:56:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 485768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14689
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 21:56:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9B51 0
23 B 62ms
61ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPAYhnoMuZZTMCcfYkwP0vafQDsme0rFcvfGU93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNDMyMzA1MjAzNDA0NDY4NMgBCakCrw-u59axsT6oAwHIAwKqBIICT9A4ya90DptYS-F_Ugg-w3qzRTC1cO2Ej9F30Ot9FIoWd0sZlyTLmnarTGYCGFgZnlqjStSw3f294V99G1xT4SO9McQRBdIjhpY9XZ6zv1WO6QGrYlUjv1UgBk9aKlpfxWI7d9kNRCURCvf51X5ncvpmtd8pcqthCvLxpZPu_s8qr5EPdnNYgmn0JYYqTUVdWo2a5FCRm6LmW6zcflEWIrds7yxTJS0g0ySNhjA4W_oGomjfqDOu5MEwQdft-E5n9E2ccCI2ATfQiFM1Ui_ru3qtTqHuxKoFvBbqFDSnh9n_xV8rAPteSWL6DeIU2ydhsnu_IfcOtIq8oY9cp6MUhPhogAaU4vC72MW79JUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQzMjMwNTIwMzQwNDQ2ODQYAA&sigh=_w2t_h4EeXU&uach_m=%5BUACH%5D&cid=CAQSSwDICaaNhy-s7RdC_hJA2UVti5FFw8C9fqIoOUGTt7R-orQnA2NL-IOoPxN3-W4T2n59BGjGBit1NcMkx5xxsPpxRb-dTRUayO6HgRgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 17 Oct 2023 12:52:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 17 Oct 2023 12:52:47 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 9B51 0
126 B 110ms
36ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kI7EGMz6RO0HfJ2DYgICAAAAzez_03K5lrgQnYMuZeIFF5mGVH25z0sAABIAAAoKQVFVQkR3RUJEdw&wp=ZS6DngACZhQKZOxHAAne9LtcxG9niQHNfQxu5A&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:46 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 200364
server: Kestrel
content-length: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2A0C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
33ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 12:52:47 GMT
expires: Tue, 17 Oct 2023 12:52:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 12:52:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 63ms
18ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 17 Oct 2023 11:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3674
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 17 Oct 2023 13:51:33 GMT

GET
H2 200 stats Show response
www.mtabrasil.com.br/b/ 410 B
315 B 374ms
374ms XHR
text/html 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtabrasil.com.br/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmCapv0PCdk8175kE6pPc7gjkt7zWC7c-awGW-UiJzql2O51OSsEEAGOdeoxALtSgd5AQVZZf31ciuDW-DlY1fsOEFsjwg

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/872616150-widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

28cbf9790000f0c183bc513430d0796be42450e656d886389959c83dcc7ddf2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
content-length: 251
x-xss-protection: 1; mode=block
expires: Tue, 17 Oct 2023 12:52:47 GMT

GET
H3 200 e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js Show response
pagead2.googlesyndication.com/bg/ Frame 3189 37 KB
14 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js

Requested by

Host: www.mtabrasil.com.br
URL: https://www.mtabrasil.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:56:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 485768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14689
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 21:56:39 GMT

GET
H2

200

/
www.facebook.com/login/ Frame 885A
Redirect Chain

https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=1799676210281509&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1799676210281509%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook...

0
0

140ms
139ms

Document
text/html

2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1799676210281509%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df171cc6f5d9855c%2526domain%253Dwww.mtabrasil.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.mtabrasil.com.br%25252Ff13b0ff0bbddf%2526relation%253Dparent.parent%26container_width%3D275%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmtabrasil%252F%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26width%3D325

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=e8ad16cdad422f0d796510d5f6d72491

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.mtabrasil.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 Oct 2023 12:52:47 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: Av/08vHxcQPBQO7Uw6y+dU+0A7Rx7xz5rURFeuYDgmXLeJ7VX+WGfO0djfLnB2NrKV6fYuEi/ITA5OFCzkRQ1w==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 12:52:47 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1799676210281509%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df171cc6f5d9855c%2526domain%253Dwww.mtabrasil.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.mtabrasil.com.br%25252Ff13b0ff0bbddf%2526relation%253Dparent.parent%26container_width%3D275%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmtabrasil%252F%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26width%3D325
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: YhXf9xf/+6YJioZBH4pKPKiI7caNMMe5aKvTv7gTaNjedSKFhsHxzlcxFa8VhjGvkVnCv884qFNfPRr61+gocw==
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 08BC 2 KB
1 KB 106ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS6DngACZhQKZOxHAAne9LtcxG9niQHNfQxu5A&u=%7CH3ZczWWiwdp0r01SFUCC08aeGimkcOVIhgZFK8bsS20%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wflJwflICTGAuRLQg6lPZPNJTH__2R5IR7Xals79ZUJ6D4tNNDpLFQf3z90uqjdMb-DF_KOcWWhXRdyZccG4-KD8ULrDwsJ2XBg4bY4W0T6yL8PTFtcHsgCFf1MW8TFaZPG96ZqgnU-SJzssQRraazdz1-uid8AmBo0jTAiZhhurIWNVEPefH9FXBpzPkywg-CfGabzYRp6uDERs3pnJLWqKicrPhT7_2SpQPNld2WBO85Hh4_AotNfpLUHaqWkVP_hizdUSI9TADpoGbxv28NCVaCyFYZm4FN6hVLha1urNlW1m3ZWTpUDVzU0i1dV-_0cz-y7OrOBY5q0oGxWc8EUjTctnJ-yhoytIEE4PcEcLgl0QqMb8tpDXnq4WNDXNEqO5g4umAY0JcNOXtnl2aVBfqSJHWGAJ97E4-oemYUWftlA7VMFL4HlD6DW3M8zfDVvbTyJs78Q06jvhUZX6ciPkgBF5M1Kw_OoyahGeSF3t_6elv5x-g7S0-bUFaD6s2QYsKKLHYzCHOT_uvFon6j4GoHyg-yzD_wX-LE5L584cHrlFSj3y9Vb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVwV1noMuZZTMCcfYkwP0vafQDsme0rFcvfGU93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNDMyMzA1MjAzNDA0NDY4NMgBCakCrw-u59axsT6oAwHIAwKqBIUCT9A4ya90DptYS-F_Ugg-w3qzRTC1cO2Ej9F30Ot9FIoWd0sZlyTLmnarTGYCGFgZnlqjStSw3f294V99G1xT4SO9McQRBdIjhpY9XZ6zv1WO6QGrYlUjv1UgBk9aKlpfxWI7d9kNRCURCvf51X5ncvpmtd8pcqthCvLxpZPu_s8qr5EPdnNYgmn0JYYqTUVdWo2a5FCRm6LmW6zcflEWIrds7yxTJS0g0ySNhjA4W_oGomjfqDOu5MEwQdft-E5n9E2ccCI2ATfQiFM1Ui_ru3qtTqHuxKoFvBbqFHalpkt_Vo8Wpit5k-7a5EYa_C3XuFWno0PGiSxOHpFwvzveENiBUgw1gAaU4vC72MW79JUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09-Qj_ydv4E8QQq3FqVwjEXHcB7g%26client%3Dca-pub-4323052034044684%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Oct 2024 12:52:47 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 08BC 2 KB
1 KB 103ms
32ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Oct 2024 12:52:47 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 08BC 308 B
636 B 131ms
63ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 11 Oct 2024 12:52:47 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 08BC 293 B
621 B 101ms
33ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 11 Oct 2024 12:52:47 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 08BC 43 B
348 B 86ms
26ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=IFZDet7_owfTsP22XiXvkUAGKfl9ypQs8XL5o7jAHQJY8qbknOy47iqslL-zWxFnre4GfGcTMCabpPz23H23trWt8jD_2SWi6wWFRKx0RCvXIsVnFQSWAsh6XtwXrZgJ0K7RBrcJUGDe-ykGBpmetc4Zi1nPiiXVe1c-tZCZMC2oVgOss_7QODKY89Vak56WRNLi2jkuR5AZEQMhBgzi4XsP7hkEuLWg1wkh9Moxfd3Xx8Hpz1RoJ-CZ8HprSmXe1B29K03663QRO5Nzp7Y3Ptff2WEBUq5yJlDJzw580ljGgSVyH_Marb2SwGTX9B1VpDhkDuqk4UHoYFJEc42w8yhu7vWFM0Symf8CLjO-42LPVrIVA2z-RYbVgUMses4YVL9J0jPjLv6jIVIQ-DcqyiMDFerrsVsqnIPuk6d5snZoJpHm

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 12:52:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1882401
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 08BC 12 KB
6 KB 119ms
63ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Oct 2024 12:52:47 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 08BC 0
128 B 105ms
34ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=yJBkSvVU8RMMURUm1Lrksih_pWvhmWevHHdBcgFNuUxbKcWy9NhBHTRD5Ox0GDM86L884r_oGpJoSI1JG4W6nSIhR3FSosXhVpopeKjDLCz2G4pe_VI9l-qNhZbnnvhPZ859CBrF7fW_kI595OI-ZKMDIWr1KZI5IHOSX6h4j-KfOO72B1krQ9C-O2Tk9BR0Gb9P8ZbqqgIpRasrMKQx1cgssGbByXs2wpwM4NKkc6zLIZOFOBJ3NJWEk0i9KJPA5WF61Q&sds=2&rev=88900&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 17 Oct 2023 12:52:46 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 08BC 2 KB
1 KB 42ms
34ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Oct 2024 12:52:47 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 08BC 2 KB
1 KB 45ms
44ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Oct 2024 12:52:47 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
225 B 26ms
25ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1716827345&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mtabrasil.com.br%2F&ul=en-us&de=UTF-8&dt=MTA%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAACAAI~&jid=838793860&gjid=305587549&cid=1952640464.1697547166&tid=UA-163400448-1&_gid=64948484.1697547167&_r=1&_slc=1&z=1589900731

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3ca7df5bf422b1799e663d2bad1ddedb0a079244ac5df65780a09f06e38439d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mtabrasil.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 12:52:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mtabrasil.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
81 KB 88ms
38ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9GCEHL2VX6&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3e880c8fdbd5fb92ff08e4587b1d04c3f816105de1926818f8f04e52af44d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82678
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 17 Oct 2023 12:52:47 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 77ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9GCEHL2VX6&gtm=45je3ab0&_p=1716827345&ul=en-us&sr=1600x1200&cid=1952640464.1697547166&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.mtabrasil.com.br%2F&dt=MTA%20Brasil&sid=1697547167&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9GCEHL2VX6&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 12:52:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mtabrasil.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 72ms
71ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

234d1c95e643db119e9fa885f7a54581cba630234d07d257a71129d427d384e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12172
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 12:52:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E452 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mtabrasil.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 126143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 01:50:24 GMT
expires: Tue, 15 Oct 2024 01:50:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6D57 829 B
560 B 30ms
30ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

991b2f373bfddf386d48aa752de9dc2de5e0c766024f88cd9815c78bd379ba25

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-34Fon0euBhKWkNHfi3-70g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mtabrasil.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-34Fon0euBhKWkNHfi3-70g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 12:52:47 GMT
expires: Tue, 17 Oct 2023 12:52:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame E452 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 11:55:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 11:55:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6D57 0
0 86ms
86ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=52908468450986&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E452 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jWdtWQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:52:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 29D0 42 B
64 B 126ms
126ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvCqwCcpQcbM8NWmHIzO-PSAxPt9kKs6sTmaiYIzbtFkMEFCMc2lvMfUf_cE5jf0zsExvmBIxRYnHRTPnATBeVHuhQrNXe9fmVBLnt0KowPJvPNbkvO23EJAr8e8tg0MTXkJwc2soRb6Jb&sai=AMfl-YQC9nLe9vdcJ6CQpGXtwlFZEaUxGMrmWqrNugEYzZvB6mu4cK5DBXwFujPXNlWreI0mSEGyL858V_iGRk3wB7SQarUA6KxsFfycQ2c9ySi9NIWVJh7lr_Mq6pVJCMt_Q7Du2sZmsopel1fc&sig=Cg0ArKJSzB7ZJXmrM3PbEAE&cid=CAQSSwDICaaNgqhplf0CeeKOx5YOj33xne8mb3Ukd1FQ5Ql9yxqmhqVHLVYdoIwg2symipZ4YFaaOMa5deNaRELmQkehMP257HwvOKaTWxgB&id=lidar2&mcvt=1000&p=0,0,280,1030&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1521581065&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697547166080&rpt=1035&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 12:52:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=52908468450986&bg=!2dql2pXNAAbFpEfJ5aQ7ADQBe5WfOLoeIF6jr-qgQQ7Oqx9eq3-NE4ixOCHoXrQGxsOiWVeuR8uRnRswzWfxpyYo9XMPAgAAAFdSAAAABmgBB5kC_er0c-50gqhagrDFAWx22-GS2pknGbm0FsjM1Ezl6e5G1PV-MmkWlGHPUPzM3y5Na355M9bKJ9DdJO9J6INVwR_wE1TXy0uhaJe533bsmsQMZrLYs-gszqpzrTnvnRGLv062a2QOURHAYAbYas3rxuiJoTetZNtvr0cHer4uPfibdLzwnf8or56lfugO-sx6fMzE7fWV1H5iagBheVCEB-YHVKp4-Ed6Otje1RzZG0b1XdE7H-cWZLxY5G0fmp30vv3nHIXItOWpRaWSotn8eHSR8d0xAYFn-8pIdjojmoNn0rfgpFfBN1lv3tNq7UGpKGkrs-Tcwu27mw3f2yoV9hKS3PKpqok5R95CLfpS-MGwgWN62Y4ZUQ8ONLh13-r5OxzjbO-zS6kouhcxUFl6uZ9a-PQMJvvsDDCwNgIyOxTSMiwoDuSA-8IAYi3RAN_lA1MJwrvuJycVB8a6B87cX3M-aGAxTk9SumbIUj7ypV4J6q9x-Eg7hT7qY5AUHokOpXINx5GQexpFnRwYoITc12a8Hd-uJJIf619Jr6FuBRIdmbDqdgNvjAMJNA-3imqWZft3cAmLKTqwSGoYK7DSra4N2famb-i521h60UPgAbBjVeCqrMOQzXmNs7ZkCcOWGZuKiEr1dgcqC7YVpwbMz5DV7Ss55NMHjwtndZ2qdEMb-eqSPp6yMAbcy1p6FT3hL0Ps6AFFMPUqkPfC1v2TvEIJlvbCXs7YyCcqHCWrkg9l7_sERhW2byNuh4Q7F8KOC5VACbvkSoJuJNcEj9oodrPpcxhlFfDtel5zeBWUpMO_zNmjH7qltIZ3aYtNONzY1BYj7LpNNJep7TMH9_jHMIrcYDSXooE7tSK__yrR6Mmpx1KxVZVoWmq5S7apwxShUG38mp7MswW3DLOBGGkUZBnw4VR9dZq6nXPSK9bNo4xzFt5gCyTv3NLwjIEC9h7OcGlNEeWpS4Be3W1CXVfsrNE9KOlb5Fkf2V9Ar3gngbrf8qNK4ZH1xCxL_XD72Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtabrasil.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mtabrasil.com.br/	1970-01-21 00:54:03	Name: __gads Value: ID=2d7e46956c077634:T=1697547166:RT=1697547166:S=ALNI_MZqf09MHL2uuFILChIX4JpJ2UtxWA
.mtabrasil.com.br/	1970-01-21 00:54:03	Name: __gpi Value: UID=00000c9b6881ae1b:T=1697547166:RT=1697547166:S=ALNI_MYr9BUNfyHrTO9gLJmvT0xPS_X1qA
.doubleclick.net/	1970-01-20 15:32:30	Name: DSID Value: NO_DATA
.mtabrasil.com.br/	1970-01-21 01:08:27	Name: _ga Value: GA1.3.1952640464.1697547166
.mtabrasil.com.br/	1970-01-20 15:33:53	Name: _gid Value: GA1.3.64948484.1697547167
.doubleclick.net/	1970-01-21 00:54:03	Name: IDE Value: AHWqTUkckaiWyU__sjGk3_7EU3kGMpexhXNafAWXXhp51XQxw2uZWIJh3XONSKnknNg
.mtabrasil.com.br/	1970-01-20 15:32:27	Name: _gat_blogger Value: 1
.mtabrasil.com.br/	1970-01-21 01:08:27	Name: _ga_9GCEHL2VX6 Value: GS1.3.1697547167.1.0.1697547167.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1(Line 19) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
ads.eu.criteo.com
ajax.googleapis.com
blogger.googleusercontent.com
cat.nl3.eu.criteo.com
cdn.jsdelivr.net
cdn.rawgit.com
connect.facebook.net
csm.eu.criteo.net
draft.blogger.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
site.mtabrasil.com.br
static.criteo.net
tpc.googlesyndication.com
www.blogger.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.mtabrasil.com.br
162.241.62.110
178.250.1.6
2001:4860:4802:32::36
2001:4860:4802:34::178
2400:52e0:1e00::1080:1
2606:4700::6810:5614
2606:4700::6812:bcf
2a00:1450:4001:802::200a
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::2009
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2013
2a00:1450:4001:811::200a
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2003
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0333052a117e725be05bfd42fa506ecf423c467436b80d276542ce6ab6687ee8
03d7c27d48e30f626b427e4335c4a5a113be05599e4e30d95b7f3e1d5d09f4fe
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
082e7abd8b83c89c171b5ff8caeb84f82cf98f2d27dfd50c75990ebcf13f8aa7
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0d4b1ed60adaf595e15acc11ffeb39d60f9ca9c8b8c8e086ab716b00d1a594e7
11d89cc1ade8c52c50246e69066c1e814d52815eb8f50140bd33d24835f49970
1596474094d04d00339d7c67778bb6fc7f494651ab764d2d4cb980066ca3c6f9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18b0aa417887f2a73a7ef0acde6ac3c629f5506f8df046626702fea86dc7f9ad
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
1f1689ac85e5304679abe495fdfeaebda9811a43abfa74fe9b699a9a375de605
224ac27333a2d5651916ce51a692fd08fd0332ef7b64baa8e7384381e8ff8efb
234d1c95e643db119e9fa885f7a54581cba630234d07d257a71129d427d384e0
244fca4968cff3e7ffdedb23faeb7f56092abfbad04f6733bb97644568aadfc4
261936874db8323fe3f9dcb26eadff7e5933495d1adacec6a5b5c4c905fc892f
28cbf9790000f0c183bc513430d0796be42450e656d886389959c83dcc7ddf2f
2a6dc690db44b512a4b1ed4886a53d93b5bae8e9f073f8b7f948c7f361ca8f73
2ad0b92282eab346890b7b89c37f89d03a83e6aee893804dea8ddd6a1d7fccc6
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
314b5d0da9065dd1eb655e61ccf601df386491dea2ab2c525ceee276ca0061ad
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
383f07635b9d39d70494b678d3af59a29609c0da2b21a916ea2b2e897815e5ec
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b9cacabccfb377c6bcc52cf0aa57f7d276ab8e246f512f729a70ecaa332752a
3ca7df5bf422b1799e663d2bad1ddedb0a079244ac5df65780a09f06e38439d6
43e319a44aa00e9a28633c54266b7d1d5d3eb873dcbe1a811c737cf755f53684
44286bf2d62fae3954fd0e7c7b4d384b8b8b31db1b19ce3af6e00af8aacf624f
461fb386afd58fa93e97c91671fe6121c8bc71ffb7a42c939c77f9487ed30857
46b6c4427134cdf8dd2be5d8d4a1524b1cc59cbd5d264eda2a59f09e294cc93f
47c74ecbfd49369ffbca025b4e745d025cbe086cf9444409b59ec8cd0cb1e3ad
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4c12721c12c8d631c434a83e04ccc3a2feba01a20f7a5f78fec2283c6e1fcb
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
551ba6aaddd800c8efa2e966598f1e80666966df6275f20c7ac26ad13855dbf3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59b965941e86234e51933d54667d5c1d48e2d4465d0ec3c94c7203175252af37
5b0b615cbaaa8237f1523a442249cce5e75b64d08d06f2f1d388de6c33974130
5c148b0cd1e4a5e4c86a5174228c7998514f8883a645957e3d189fa9dd6e2516
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6138c1cdc56a91c642e41a806384d5f0dd888103f3533668982aa5bb148607d4
61b671513e301a8d42a0df300e0c2699c23dc3827f8696a633f8d9e7a14fc5b1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
642a61ffd87e5d96d2848bca78f87b57652e1b43b3411f256bb122bb03215d19
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
68960786df3fff487a253ab36201133a3a8b0ac8fc001c50fd1310e0809e0e46
6a4b7664b8ac5c6fed73579023d5121e2d06c488d89f0b4b17d999c76401e3b9
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc
7403cac1b961aec340c1ad76a25f15af3eb6f5dceabe6398d5e916de3b4cc4ea
7902911207c3b5023bd439292aaf50589e10076e3bfd86f6dc49e9d13510090c
7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee
8100421c32c27bab3d63b0d682129c5ea42a70290df1fd58053b0683f39f11f5
83b5326ee7986f295b8a888302f083b5dabace40a65c920d92423a88bbd841f0
8429ef3c6476a82f5c44552ec506ff5091232dee09969fe5595fbb6c8259770c
8eb4de8ac91cae851b1f6dfef8142eb32e6574489dd2ad3bb905aa7d2d7623c3
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f65077e60a7c0fb701f938dd01c3de80e00781c0a61616a0b05c5c2b72c1e54
991b2f373bfddf386d48aa752de9dc2de5e0c766024f88cd9815c78bd379ba25
9db2a6b983da08bef060545ad2f0d53910fa42d5b6236e8dca807cbcd61ff726
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a87914182bcce4ad5987f9d661d1770ed3c633724d0b7773a5b6b8ee726b6cd8
a87d4a4d40583c35087e6af0246f7e54156def5837f14ef2551d89fb9c1330fa
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
b24ef14f8263c716d5e80695e3dfb47616b59f503322a88a19fc61140a781c95
b50535baea69278e8fd05690a6db46b29464f15bf86ef045d82566bbe1399147
c1732796c9dfafddff16db9660e67a879d723f376b0160cccad730c6c414eed3
c23a2d8986ccfd0bb59b5c0c93ab4511e0af31fccde9caeb31092105eb21b8cb
c93efc9f61620f152f69f2db294b4e3653f70935208e582f3921a910f33e42ef
c9c368af37832bc0fd3864aa5da9ebc4be1c9b2f6c1bac2a5beae0abda503fee
cafde31053a1b9290fe64ed2480de52aa2d667bfb04cf5fa0a1cd7f8da6eb6dc
cdcaa771e7265ff69e374f9fef053fd9ae91567074983aa1a61bf74a3001490b
d23a991b8912a21ae017638dbab76d3134ef36dcfd7e89d5dbbe02f1212f7cb3
de028813a839acc66324a24e42e73cb33bbd06c6f5e952619bddcadca1ffffe8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dedfc958e1b0ecdcc47464b42afe5ac842b9726a255f0e3a60f43d6d86c8914a
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e573ef2550d1d915ebcfc08fda0bb978ec82834a361f4c5624681d0ee67186e5
e68b13f30134c0a1816aece2d8ef37dc325f1b282798d56fad07b4a1fa68badc
e8e6e587789b21a7e08d8d6f46884076573f0a4db214415f84b64d7cdd8a19c5
edaf715d402ba163c3e0a6a67db6f9ea2fe68c9a553f47d4a7374e4f879efc4d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7bef07a99747d86e42557cf3c2368e5fab7f04eed4817e1ef02558923759ab
f3e880c8fdbd5fb92ff08e4587b1d04c3f816105de1926818f8f04e52af44d98
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f76c2605ff52998b3da702bcb22d1151a20a09fb06fd2a3a50a6ed94f0d3e444

www.mtabrasil.com.br Open in urlscan Pro 2a00:1450:4001:810::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

125 Requests

98 %HTTPS

93 %IPv6

20 Domains

32 Subdomains

27 IPs

3 Countries

2198 kBTransfer

4382 kBSize

8 Cookies

14 Outgoing links

Page URL History

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mtabrasil.com.br Open in urlscan Pro
2a00:1450:4001:810::2013 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

98 %
HTTPS

93 %
IPv6

20
Domains

32
Subdomains

27
IPs

3
Countries

2198 kB
Transfer

4382 kB
Size

8
Cookies

125 HTTP transactions
0 data transactions