Submitted URL: http://teleconsulta.unimedrondonopolis.com.br/
Effective URL: https://paciente.conexasaude.com.br/login/rondonopolis/
Submission: On March 27 via api from US — Scanned from US

Summary

This website contacted 23 IPs in 5 countries across 18 domains to perform 59 HTTP transactions. The main IP is 13.32.164.89, located in United States and belongs to AMAZON-02, US. The main domain is paciente.conexasaude.com.br.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 22nd 2023. Valid for: 4 months.
This is the only time paciente.conexasaude.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
7 13.32.164.89 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:24d... 16509 (AMAZON-02)
7 104.18.72.113 13335 (CLOUDFLAR...)
1 52.95.163.96 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.78.45.176 396982 (GOOGLE-CL...)
4 151.101.193.44 54113 (FASTLY)
4 2a03:2880:f03... 32934 (FACEBOOK)
2 2600:141b:13:... 20940 (AKAMAI-ASN1)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42::300 54113 (FASTLY)
2 104.16.53.111 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
1 54.145.103.181 14618 (AMAZON-AES)
4 2a03:2880:f13... 32934 (FACEBOOK)
2 141.226.224.48 200478 (TABOOLA-AS)
59 23
Apex Domain
Subdomains
Transfer
9 conexasaude.com.br
paciente.conexasaude.com.br
api.conexasaude.com.br
1 MB
8 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 912
trc.taboola.com — Cisco Umbrella Rank: 658
pips.taboola.com — Cisco Umbrella Rank: 1564
cds.taboola.com — Cisco Umbrella Rank: 1756
trc-events.taboola.com — Cisco Umbrella Rank: 1840
30 KB
7 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 1842
ekr.zdassets.com — Cisco Umbrella Rank: 2117
367 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
264 B
4 google.com
analytics.google.com — Cisco Umbrella Rank: 281
www.google.com — Cisco Umbrella Rank: 2
769 B
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 147
265 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
271 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
20 KB
3 siteblindado.com
cdn.siteblindado.com — Cisco Umbrella Rank: 258757
api.siteblindado.com — Cisco Umbrella Rank: 151432
6 KB
2 zendesk.com
conexasaude3465.zendesk.com
1 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 70
411 B
2 chatlayer.ai
chatbox.prod.europe-west1.gc.chatlayer.ai — Cisco Umbrella Rank: 360807
minio.prod.europe-west1.gc.chatlayer.ai — Cisco Umbrella Rank: 401008
23 KB
2 gstatic.com
fonts.gstatic.com
58 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
1 zopim.com
widget-mediator.zopim.com — Cisco Umbrella Rank: 2623
945 B
1 amazonaws.com
s3.sa-east-1.amazonaws.com — Cisco Umbrella Rank: 69908
29 KB
1 appboycdn.com
js.appboycdn.com — Cisco Umbrella Rank: 4255
51 KB
1 unimedrondonopolis.com.br
teleconsulta.unimedrondonopolis.com.br
763 B
59 18
Domain Requested by
7 paciente.conexasaude.com.br paciente.conexasaude.com.br
6 static.zdassets.com paciente.conexasaude.com.br
static.zdassets.com
4 www.facebook.com paciente.conexasaude.com.br
4 connect.facebook.net www.googletagmanager.com
connect.facebook.net
4 www.googletagmanager.com paciente.conexasaude.com.br
www.googletagmanager.com
3 analytics.google.com www.googletagmanager.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 cdn.taboola.com www.googletagmanager.com
cdn.taboola.com
2 trc-events.taboola.com cdn.taboola.com
2 conexasaude3465.zendesk.com static.zdassets.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 api.siteblindado.com cdn.siteblindado.com
paciente.conexasaude.com.br
2 api.conexasaude.com.br paciente.conexasaude.com.br
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com paciente.conexasaude.com.br
1 widget-mediator.zopim.com static.zdassets.com
1 cds.taboola.com cdn.taboola.com
1 www.google.com paciente.conexasaude.com.br
1 pips.taboola.com cdn.taboola.com
1 minio.prod.europe-west1.gc.chatlayer.ai paciente.conexasaude.com.br
1 trc.taboola.com cdn.taboola.com
1 ekr.zdassets.com static.zdassets.com
1 chatbox.prod.europe-west1.gc.chatlayer.ai paciente.conexasaude.com.br
1 s3.sa-east-1.amazonaws.com paciente.conexasaude.com.br
1 cdn.siteblindado.com paciente.conexasaude.com.br
1 js.appboycdn.com paciente.conexasaude.com.br
1 teleconsulta.unimedrondonopolis.com.br 1 redirects
59 27

This site contains links to these domains.

Domain
www.siteblindado.com
Subject | Issuer | Validity | Valid
*.conexasaude.com.br | Amazon RSA 2048 M02 | 2023-02-22 - 2023-06-16 | 4 months
upload.video.google.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-12 - 2023-06-12 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months
*.siteblindado.com | Amazon RSA 2048 M01 | 2023-03-01 - 2023-08-19 | 6 months
zdassets.com | Cloudflare Inc ECC CA-3 | 2022-11-10 - 2023-11-09 | a year
*.s3-sa-east-1.amazonaws.com | Amazon | 2022-09-21 - 2023-09-09 | a year
*.gstatic.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months
chatbox.prod.europe-west1.gc.chatlayer.ai | ZeroSSL RSA Domain Secure Site CA | 2023-03-26 - 2023-06-24 | 3 months
*.taboola.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-08 - 2023-12-31 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-01-10 - 2023-04-03 | 3 months
api.siteblindado.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-22 - 2023-07-25 | a year
*.google.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months
minio.prod.europe-west1.gc.chatlayer.ai | ZeroSSL RSA Domain Secure Site CA | 2023-03-05 - 2023-06-03 | 3 months
conexasaude3465.zendesk.com | Cloudflare Inc ECC CA-3 | 2023-02-17 - 2024-02-17 | a year
www.google.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months
*.zopim.com | Amazon RSA 2048 M02 | 2023-02-21 - 2023-12-06 | 9 months

This page contains 2 frames:

Primary Page: https://paciente.conexasaude.com.br/login/rondonopolis/
Frame ID: 2C147495E42BD343F4848A09CAC73D46
Requests: 50 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-32caac228613062705f8.js
Frame ID: D07EB7696A13161083FBB905A5191E47
Requests: 8 HTTP requests in this frame

Page Title

Paciente

Page URL History

  1. http://teleconsulta.unimedrondonopolis.com.br/ HTTP 301
    https://paciente.conexasaude.com.br/login/rondonopolis/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.appboycdn\.com/web-sdk/([\d.]+)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

59 Requests
100 % HTTPS
63 % IPv6
18 Domains
27 Subdomains
23 IPs
5 Countries
2326 kB Transfer
8018 kB Size
10 Cookies

59 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
paciente.conexasaude.com.br/login/rondonopolis/
Redirect Chain
  • http://teleconsulta.unimedrondonopolis.com.br/
  • https://paciente.conexasaude.com.br/login/rondonopolis/
15 KB
5 KB
Document
General
Full URL
https://paciente.conexasaude.com.br/login/rondonopolis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.164.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-164-89.ord58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac516cb0760401339def2de0d127e9348add39539623b01f6d2ba10894c10dd3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
86281
content-encoding
br
content-type
text/html
date
Sun, 26 Mar 2023 11:31:50 GMT
etag
W/"7b551ee7dd56028c9120f19cb7ce36ad"
last-modified
Fri, 24 Mar 2023 03:00:18 GMT
server
AmazonS3
strict-transport-security
max-age=63072000
vary
Accept-Encoding
via
1.1 e61f6cd3dfbf1a805c935627b416490e.cloudfront.net (CloudFront)
x-amz-cf-id
Qwnze1H1-zVu22IwbxiiiHCQZoY8v9MBVggEUYQY7tk47mtm4FwyAA==
x-amz-cf-pop
ORD58-P1
x-cache
Error from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
7ae74c3fde4e22e1-ORD
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 27 Mar 2023 11:29:50 GMT
Expires
Mon, 27 Mar 2023 12:29:50 GMT
Location
https://paciente.conexasaude.com.br/login/rondonopolis/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbNr86K6hzWdMm6IvxUy90mIWrdyqYzqJ7sBiOWolPWMoEE1O9J2mOSpbRGdgYAu%2FTQSPHLuc4MgoWIijOC%2FDMLtbDfyc7jl4quluFQPSD8%2BbhyuimAyEiiF9Y81Xs5Ng4d%2F9hI5QCTeZltwjm0OBaoXE3NirMyjEIIqVDqUxo8fAYIyJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css2
fonts.googleapis.com/
2 KB
834 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/login/rondonopolis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
52519e8c754d4fd14b9ea19ff3f3e758ad1978858827881984e7da06a285ef97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Mar 2023 11:29:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 10:38:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Mar 2023 11:29:50 GMT
css2
fonts.googleapis.com/
8 KB
711 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;700;800;900&display=swap
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/login/rondonopolis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8b2162de3b02c800674ed5a8014f616c1527ad3c7a32b35438ef8a7eec25d47b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Mar 2023 11:29:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 10:47:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Mar 2023 11:29:50 GMT
12.a1596f27.chunk.css
paciente.conexasaude.com.br/static/css/
70 KB
6 KB
Stylesheet
General
Full URL
https://paciente.conexasaude.com.br/static/css/12.a1596f27.chunk.css
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/login/rondonopolis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.164.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-164-89.ord58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f931912b0e456ad6bcea3d3f1001ada99d293338f5d32951a210353145b9a26
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/login/rondonopolis/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sun, 26 Mar 2023 12:56:41 GMT
content-encoding
gzip
via
1.1 e61f6cd3dfbf1a805c935627b416490e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 24 Mar 2023 03:00:18 GMT
server
AmazonS3
strict-transport-security
max-age=63072000
x-amz-cf-pop
ORD58-P1
age
81190
etag
W/"2a897ad2df2fae88ebf5c34c77bdc9b5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
fq6lfDcDvTWpDr-70y_I1A8P_NJf0rNWpo4RzkN8w7MoaFQh4ONAPQ==
x-xss-protection
1; mode=block
main.68b26aec.chunk.css
paciente.conexasaude.com.br/static/css/
58 KB
5 KB
Stylesheet
General
Full URL
https://paciente.conexasaude.com.br/static/css/main.68b26aec.chunk.css
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/login/rondonopolis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.164.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-164-89.ord58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb2391ace1623d54710ed3ba0cc59f6d2604949efc769575c11024b41345b0bc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/login/rondonopolis/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sun, 26 Mar 2023 12:56:41 GMT
content-encoding
br
via
1.1 e61f6cd3dfbf1a805c935627b416490e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 24 Mar 2023 03:00:18 GMT
server
AmazonS3
strict-transport-security
max-age=63072000
x-amz-cf-pop
ORD58-P1
age
81190
etag
W/"9abba1d5ae999a30bde72d8722d03b49"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
6ZDjkMtzCVNX6eUnwxc9_zZlI-4D6K9Dmb56sDKNFbISVAqamGIopQ==
x-xss-protection
1; mode=block
12.7fa45454.chunk.js
paciente.conexasaude.com.br/static/js/
4 MB
883 KB
Script
General
Full URL
https://paciente.conexasaude.com.br/static/js/12.7fa45454.chunk.js
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/login/rondonopolis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.164.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-164-89.ord58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d0e4454c1eb3baef17403bac1dd5999cf66a230e9c3aa701056cf7a4be50301f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/login/rondonopolis/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sun, 26 Mar 2023 12:13:52 GMT
content-encoding
br
via
1.1 e61f6cd3dfbf1a805c935627b416490e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 24 Mar 2023 03:00:21 GMT
server
AmazonS3
strict-transport-security
max-age=63072000
x-amz-cf-pop
ORD58-P1
age
83759
etag
W/"ac80ad463b5958400d1988ac712c5cd6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
PNydlnj_E3d7GAdH0e0cnqpXzB1qrXoJbEW-aid71c_Uz4alyN2Q2A==
x-xss-protection
1; mode=block
main.dfe8b6ca.chunk.js
paciente.conexasaude.com.br/static/js/
295 KB
62 KB
Script
General
Full URL
https://paciente.conexasaude.com.br/static/js/main.dfe8b6ca.chunk.js
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/login/rondonopolis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.164.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-164-89.ord58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc2da56c46941bff9640dd12a50c52e02498b37ee8414d26560660f54037a577
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/login/rondonopolis/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sun, 26 Mar 2023 12:13:52 GMT
content-encoding
br
via
1.1 e61f6cd3dfbf1a805c935627b416490e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 24 Mar 2023 03:00:35 GMT
server
AmazonS3
strict-transport-security
max-age=63072000
x-amz-cf-pop
ORD58-P1
age
83759
etag
W/"cbdf7e8253d11a85fe27fd773e325187"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
_PAcStsHBqmgCYuxqUlRWZjaFemRYp9uPfyEiv7fGvQaMZ9nHdjyuQ==
x-xss-protection
1; mode=block
appboy.min.js
js.appboycdn.com/web-sdk/3.4/
189 KB
51 KB
Script
General
Full URL
https://js.appboycdn.com/web-sdk/3.4/appboy.min.js
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/login/rondonopolis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:da1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0541499190c257a83eb557812148f5bce92574373eda8555b3c0fa5163df3cd9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:29:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Oct 2021 22:27:51 GMT
server
cloudflare
x-amz-request-id
SH0SGXZVBSB1G7N3
age
5420
etag
W/"dc7ece658aaaa661ce9baebfcf0a7416"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
7ae74c465af50364-ORD
x-amz-id-2
HpGIfcchDA45TsIXlPFUA+FOE3llSMmTwUJTA1315xoHEhToHmviJZ7gvHlhZztGqoRimQFiXdo=
expires
Mon, 27 Mar 2023 15:29:51 GMT
gtm.js
www.googletagmanager.com/
241 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W8T4LR7
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/login/rondonopolis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
087ad088b3e3aab660f9dd8cf0ae9181e05be5ca2c3cc560340f97e629cb0f6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:29:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83665
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Mar 2023 11:29:51 GMT
165.28604956.chunk.js
paciente.conexasaude.com.br/static/js/
55 KB
22 KB
Script
General
Full URL
https://paciente.conexasaude.com.br/static/js/165.28604956.chunk.js
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/login/rondonopolis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.164.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-164-89.ord58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
253bfd65599502e6940dc04b8ad727648e0d8b832cb50feadc7425e34318cc7f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/login/rondonopolis/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 03:49:16 GMT
content-encoding
br
via
1.1 e61f6cd3dfbf1a805c935627b416490e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 24 Mar 2023 03:00:25 GMT
server
AmazonS3
strict-transport-security
max-age=63072000
x-amz-cf-pop
ORD58-P1
age
27636
etag
W/"a0329d8eb01c5b1ef77d0817c0d16e90"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
iid663uq9_6qaRdd5rtTzAuoS23MN1keWyKFjG3xFNDsgLS1Bn4SHg==
x-xss-protection
1; mode=block
aw.js
cdn.siteblindado.com/
2 KB
2 KB
Script
General
Full URL
https://cdn.siteblindado.com/aw.js
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/static/js/main.dfe8b6ca.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24d3:ba00:0:ee2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
081b26433bd1ca389f3dca19b907a78a7c66075f9bd920e42d707bfcbc0bc976

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Mon, 27 Mar 2023 08:18:32 GMT
Content-Encoding
gzip
Via
1.1 51b64f398ca40514b951829e44e92c36.cloudfront.net (CloudFront)
Last-Modified
Tue, 22 Mar 2022 14:30:37 GMT
Server
AmazonS3
X-Amz-Cf-Pop
ORD58-P4
Age
11480
ETag
W/"e038fbe38f630f9ab40b1177a5cad5cb"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
73PNg-uMM83occCM9d8OLnXOAilphyOq8m4y_SJZ1UuX5VDEuZqeIw==
snippet.js
static.zdassets.com/ekr/
23 KB
7 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=0bd69c8a-25a3-4d36-ad0f-715d64728898
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/static/js/12.7fa45454.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21d2ea81f22f44525f201ad9f4702029e0b2bfe65d5a2b534104dbe4b2346bbe
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:29:51 GMT
x-amz-version-id
PBHdtxERTX7HUmm2o8dmki0ZTZF0krHp
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
C0WJTXCRZST1T8T7
age
25
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
LqSd+hFglqoEhW48qYacYTZ/sNRKLmqrCJe/xvK46kARVJtbpUBArv76rXyyEZ9942s5Ita8CfI=
last-modified
Fri, 17 Mar 2023 01:24:00 GMT
server
cloudflare
etag
W/"35755063f184195a50a9c07a2c71693a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JGpXoOoeJMQmqfSxBhKW2seBqLBMah81fBI9w5ZGHlJugNaA8nd1QopdlXAtMGkx1Rjdw5mudrsMcv625RjyMnKjAxom7Uzse04%2Fyu2wBw0Gn5MgSnB%2FnBUbnpfyGHkY6RNg20%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
cf-ray
7ae74c48f8bb2901-ORD
logo-b2c-rondonopolis.png
s3.sa-east-1.amazonaws.com/drvirtual/logos/b2c/
29 KB
29 KB
Image
General
Full URL
https://s3.sa-east-1.amazonaws.com/drvirtual/logos/b2c/logo-b2c-rondonopolis.png
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/login/rondonopolis/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.163.96 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
bf3895b412274681ed0ce982e47ae652971c6431d7a5f61b06785f5f070d6820

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Mon, 27 Mar 2023 11:29:52 GMT
Last-Modified
Tue, 10 May 2022 18:25:20 GMT
Server
AmazonS3
x-amz-request-id
RM18YNKH8ZFQXJJ3
ETag
"c97adf6defdee83b4a59b9ec16c0e9e1"
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
29779
x-amz-id-2
oaLxhKnl7kK3L1b9d/lNSta75POkuj6yRJ+VKKVXdII0lnQ1ODF2J2BKAvUmiIN2B9HAdQheotk=
noise.978633e0.png
paciente.conexasaude.com.br/static/media/
217 KB
218 KB
Image
General
Full URL
https://paciente.conexasaude.com.br/static/media/noise.978633e0.png
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/login/rondonopolis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.164.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-164-89.ord58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94ffba8126e72b1476e88f875f2dd1575c78e0a774c710fed8de5c3dd0ce3984
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/login/rondonopolis/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 01:21:09 GMT
via
1.1 e61f6cd3dfbf1a805c935627b416490e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
last-modified
Fri, 24 Mar 2023 03:00:35 GMT
server
AmazonS3
x-amz-cf-pop
ORD58-P1
age
36522
etag
"64a8f709bce812cc05a4cfbd4ed46629"
x-cache
Hit from cloudfront
content-type
image/png
content-length
222376
x-amz-cf-id
c-9TkT-BzxFA3OpCFcfwnGP1hjhYDEbdXzu6hPZmgBUkugQq4OixVg==
x-xss-protection
1; mode=block
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paciente.conexasaude.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 10:14:13 GMT
x-content-type-options
nosniff
age
350138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Mar 2024 10:14:13 GMT
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paciente.conexasaude.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 10:14:12 GMT
x-content-type-options
nosniff
age
350139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35904
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:34:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Mar 2024 10:14:12 GMT
rondonopolis
api.conexasaude.com.br/whitelabel/config/cores/codigo_unico/ Frame
0
0
Preflight
General
Full URL
https://api.conexasaude.com.br/whitelabel/config/cores/codigo_unico/rondonopolis?o=web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1996 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' ; frame-src 'none'; object-src 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
crossdomain,x-device
Access-Control-Request-Method
GET
Origin
https://paciente.conexasaude.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
crossdomain, x-device
access-control-allow-methods
GET,POST,PUT,DELETE,PATCH,HEAD
access-control-allow-origin
https://paciente.conexasaude.com.br
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cf-cache-status
DYNAMIC
cf-ray
7ae74c495a1b2315-ORD
content-length
0
content-security-policy
script-src 'self' ; frame-src 'none'; object-src 'none'
date
Mon, 27 Mar 2023 11:29:52 GMT
server
cloudflare
strict-transport-security
max-age=63072000
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1;mode=block
63bd3eab3054869a69a4a061
chatbox.prod.europe-west1.gc.chatlayer.ai/sdk/
11 KB
5 KB
Script
General
Full URL
https://chatbox.prod.europe-west1.gc.chatlayer.ai/sdk/63bd3eab3054869a69a4a061
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/static/js/main.dfe8b6ca.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.78.45.176 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.45.78.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
d0a27373fd818500aae83e9f8038656207f0d835d726b47b8c586712edd70da8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:29:51 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-powered-by
Express
etag
W/"2af7-CUcVXsyA9aXTI0s5jEl+7CDciMQ"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
*
rondonopolis
api.conexasaude.com.br/whitelabel/config/cores/codigo_unico/
137 B
734 B
XHR
General
Full URL
https://api.conexasaude.com.br/whitelabel/config/cores/codigo_unico/rondonopolis?o=web
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/static/js/12.7fa45454.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1996 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e896baacc83cac4bb2df03956df2e959a0be6947f0b1cf33ca30e621e12cbfc9
Security Headers
Name Value
Content-Security-Policy script-src 'self' ; frame-src 'none'; object-src 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://paciente.conexasaude.com.br/
accept-language
en-US,en;q=0.9
x-device
web
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
crossDomain
true

Response headers

date
Mon, 27 Mar 2023 11:29:52 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
content-security-policy
script-src 'self' ; frame-src 'none'; object-src 'none'
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://paciente.conexasaude.com.br
access-control-allow-credentials
true
cf-ray
7ae74c4d1dfc2315-ORD
x-xss-protection
1;mode=block
tfa.js
cdn.taboola.com/libtrc/unip/1395292/
58 KB
18 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1395292/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8T4LR7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc314e15e35adbb302a3264726f279d46b5575eaed3053b490d1d1f297d6bad8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
mjypbnz5plas6LYNb.AHUM1LWhRjDxLw
content-encoding
gzip
via
1.1 varnish
date
Mon, 27 Mar 2023 11:29:51 GMT
x-amz-request-id
YGVV5DV7Q9QRJ5PV
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
18205
x-amz-id-2
fAN57T9hAk75wbCXAEnDBTTsxIlbpFs6ShOtlQcLa+5ZOV101yoRb1tgTAl/2z6AzMSKS5iH9UI=
x-served-by
cache-chi-kigq8000146-CHI
last-modified
Sun, 26 Mar 2023 11:22:23 GMT
server
AmazonS3
x-timer
S1679916592.592993,VS0,VE52
etag
"9048dd180568d3f0363d2876c8d89859"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
16
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
fbevents.js
connect.facebook.net/en_US/
107 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8T4LR7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f036:1d:face:b00c:0:3 Berlin, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1024b15789c74b9531cd607b7507c13723879a74bebd70658bec6ed92c025aa7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 27 Mar 2023 11:29:51 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27907
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
LQez3Qdu45SrNKkEtJMsVy25qJRZpN7ggg2LWdibHFDicbXfu4bWsAL5wfykcbtyjNUiKdRW5iXGYakN1dN0Iw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
112 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-124174008-8
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8T4LR7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b2a2620f8c80c2a750636b97bf184a1888f73ca7eef83cb4768acde615227263
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:29:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44782
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Mar 2023 11:29:51 GMT
js
www.googletagmanager.com/gtag/
222 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MDH5XR5KB4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8T4LR7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
99b86511cf14912e76f4919faaa1afef8973796a80505c2f09f182b5fdc4add6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:29:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78969
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 27 Mar 2023 11:29:51 GMT
js
www.googletagmanager.com/gtag/
187 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7D7XHTRD6Q&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8T4LR7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1bcf4a50df354fdacb44fd02bc6e9cd55e53abe7f76c37d7569b8a47003dca8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:29:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69054
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 27 Mar 2023 11:29:51 GMT
0bd69c8a-25a3-4d36-ad0f-715d64728898
ekr.zdassets.com/compose/
381 B
1 KB
XHR
General
Full URL
https://ekr.zdassets.com/compose/0bd69c8a-25a3-4d36-ad0f-715d64728898
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=0bd69c8a-25a3-4d36-ad0f-715d64728898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12d9e811d7def651b9d600d5f4f090742d48f12676e7b1e33ae3cd54220b930
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:29:51 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
status
200 OK
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
7ae74c49c9b22318-ORD, 7ae74c49c9b22318-ORD
x-runtime
0.002943
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"d12d9e811d7def651b9d600d5f4f0907"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dz%2FQdFr8QvMxFAsWwpzxBpVlJpvrCf7LhWr6qbYN5SoG6gLiLru91Otv1n03O8yTMJmM7Mf1s%2FWIHSR64FZQaGBOvstKZuV2sZANTyu8tblY14xCD4b6YdGVhSIZnEO3UT4%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
7ae74c49c9b22318-ORD
info
api.siteblindado.com/paciente.conexasaude.com.br/
416 B
635 B
Fetch
General
Full URL
https://api.siteblindado.com/paciente.conexasaude.com.br/info
Requested by
Host: cdn.siteblindado.com
URL: https://cdn.siteblindado.com/aw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::172f:91e1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
73ac0b42948e9f0c904aec5b5d90b138d453c8320b4aeeb3134f86ac340c4d85

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:29:51 GMT
content-encoding
gzip
x-amzn-remapped-content-length
416
x-amz-cf-pop
DEN52-C1
x-amzn-requestid
9f9632d1-e240-4333-8177-24cd3b54fb34
x-amzn-trace-id
Root=1-6421651c-58de147a43339f5d4e2f6a0a
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
Cby8hEZVoAMFocA=
x-amz-cf-id
jk2Mdb0agGOzcyZlQT7Vv7yL_g9BnTl37ZTnk1yReEHkGroEpCdb_A==
content-length
276
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-124174008-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Mar 2023 10:05:11 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5080
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 27 Mar 2023 12:05:11 GMT
collect
www.google-analytics.com/g/
0
179 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7D7XHTRD6Q&gtm=45je33m0&_p=722588972&cid=1552737264.1679916592&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679916591&sct=1&seg=0&dl=https%3A%2F%2Fpaciente.conexasaude.com.br%2Flogin%2Frondonopolis%2F&dt=Paciente&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7D7XHTRD6Q&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Mar 2023 11:29:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paciente.conexasaude.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
253 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-MDH5XR5KB4&gtm=45je33m0&_p=722588972&_gaz=1&cid=1552737264.1679916592&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679916591&sct=1&seg=0&dl=https%3A%2F%2Fpaciente.conexasaude.com.br%2Flogin%2Frondonopolis%2F&dt=Paciente&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MDH5XR5KB4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Mar 2023 11:29:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paciente.conexasaude.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
262 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MDH5XR5KB4&cid=1552737264.1679916592&gtm=45je33m0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MDH5XR5KB4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Mar 2023 11:29:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paciente.conexasaude.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-MDH5XR5KB4&gtm=45je33m0&_p=722588972&cid=1552737264.1679916592&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1679916591&sct=1&seg=0&dl=https%3A%2F%2Fpaciente.conexasaude.com.br%2Flogin%2Frondonopolis%2F&dt=Paciente&en=Iniciojornada_pageview_login&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MDH5XR5KB4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Mar 2023 11:29:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paciente.conexasaude.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/1395292/trc/3/
3 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1395292/trc/3/json?tim=1679916591757&data=%7B%22id%22%3A486%2C%22ii%22%3A%22%2Flogin%2Frondonopolis%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1679916591750%2C%22cv%22%3A%2220230326-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpaciente.conexasaude.com.br%2Flogin%2Frondonopolis%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dpsicologiaviva-psiclogos-br-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1679916591756%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpaciente.conexasaude.com.br%2Flogin%2Frondonopolis%2F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1395292/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1036205c570b5106491631061968e2622f73bd046ee9dcd010a338b2a7e8c448

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-vcl-time-ms
14
date
Mon, 27 Mar 2023 11:29:51 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-chi-kigq8000146-CHI
server
nginx
x-timer
S1679916592.797627,VS0,VE14
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
www.google-analytics.com/j/
2 B
92 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=722588972&t=pageview&_s=1&dl=https%3A%2F%2Fpaciente.conexasaude.com.br%2Flogin%2Frondonopolis%2F&ul=en-us&de=UTF-8&dt=Paciente&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=19283449&gjid=1935856995&cid=1552737264.1679916592&tid=UA-124174008-8&_gid=1192689998.1679916592&_r=1&gtm=457e33m0&jsscut=1&z=1950200058
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://paciente.conexasaude.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Mar 2023 11:29:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paciente.conexasaude.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
web-widget-framework-32caac228613062705f8.js
static.zdassets.com/web_widget/latest/ Frame D07E
158 KB
50 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-framework-32caac228613062705f8.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=0bd69c8a-25a3-4d36-ad0f-715d64728898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63de27ffda997d78f30f0cb3258cd533a2f8cba71fcd3aac38b098c7c30348bc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:29:51 GMT
x-amz-version-id
om9CYDob_kv_cRqHCtiTyGxaPipwPGaE
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
7G7DW79RT1V811F1
age
627811
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
EzSbL7Ny2PP7N/KVVv3vMr2JD+oXhH7qsga3sHluwldWI3vb4Wo3D6To7Km1c8GhRkG/KsxI7/B6mWneKsR+UA==
last-modified
Mon, 20 Mar 2023 04:07:02 GMT
server
cloudflare
etag
W/"40aa9d2169f5ea81758d8b3ec521f42f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gamRMtjgqkbusHzt5hf0STlMEyqKZrOhAwJQzKU5YhhqCufc0DrbubK0yBvtQ47GiXKRoMUPsfTyW%2BW%2Fb3hNLl2eaSHcSoY4uZ%2BJzM2kSBgTK3RLSHAzm8Api4EPLZMt6%2BuLTNM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7ae74c4afa402901-ORD
expires
Tue, 19 Mar 2024 04:07:01 GMT
seal.png
api.siteblindado.com/paciente.conexasaude.com.br/
3 KB
4 KB
Image
General
Full URL
https://api.siteblindado.com/paciente.conexasaude.com.br/seal.png
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/login/rondonopolis/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::172f:91e1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
60c36401f5a74700585ef30bc1345839da5d4afeab13751b3ed3ca4c6d784537

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:29:52 GMT
x-amzn-remapped-content-length
3313
x-amz-cf-pop
MIA3-C1
x-amzn-trace-id
Root=1-642106ec-78c6544949a2e9325f150c09
x-amzn-requestid
6b248cce-e514-4948-80b6-33bc390bbf13
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/png
access-control-allow-origin
*
x-amz-apigw-id
Ca4FAGZ4oAMF8-Q=
content-length
3313
x-amz-cf-id
pdrqiXiSBSLIcnZ-4r70Aoq4vtTXeiAJSNCIu9VQA0VBBK_LmjyCyg==
expires
Mon, 27 Mar 2023 11:29:53 GMT
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1395292/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Mon, 27 Mar 2023 11:29:51 GMT
x-amz-request-id
B8S87ZG75GT4F45Y
age
1361
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
JihOWBCqml4Sxqn7jEchMRuHq55nBw29PyUCzzktxCLEtetDX4U88HJ+61y2z9AE0GxrK3utUaE=
x-served-by
cache-chi-kigq8000146-CHI
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1679916592.869618,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
82
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
1689
eid.es5.js
cdn.taboola.com/scripts/
17 KB
7 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1395292/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5dafe8b74bfd8567ceb1372730a1fbf9b6c585bfb52a64032f6a37a1df7a522c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
s267fsNTlQZoIUop6vOPkT.WzN.oCb4n
content-encoding
gzip
via
1.1 varnish
date
Mon, 27 Mar 2023 11:29:51 GMT
x-amz-request-id
5Y1CWE8QJWK4XQGP
age
8047
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6472
x-amz-id-2
I+cJKd+zgOD9cR4IzW08L0FGhYTQWpWLJTXz1oGkEwd9SH3YgQ+5bphy5N0ZQpjyOsGVddBlD8M=
x-served-by
cache-chi-kigq8000146-CHI
last-modified
Mon, 26 Dec 2022 14:02:08 GMT
server
AmazonS3
x-timer
S1679916592.869572,VS0,VE0
etag
"df82da09581e0f287e5655fe47ceb559"
vary
Accept-Encoding
content-type
application/javascript
abp
82
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
5045
logo_chat_icone_v1-8.png
minio.prod.europe-west1.gc.chatlayer.ai/storage-chatlayer-prod-europe-west1-gc/d351cdd5f86d7f78a14a34162da6025f2ca4a2a05dffb7df8152c9f34daa2013/63bd3eab3054869a69a4a061/
18 KB
18 KB
Image
General
Full URL
https://minio.prod.europe-west1.gc.chatlayer.ai/storage-chatlayer-prod-europe-west1-gc/d351cdd5f86d7f78a14a34162da6025f2ca4a2a05dffb7df8152c9f34daa2013/63bd3eab3054869a69a4a061/logo_chat_icone_v1-8.png
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/login/rondonopolis/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.78.45.176 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.45.78.34.bc.googleusercontent.com
Software
/
Resource Hash
795db4127f55baccd27cebcb038c530d4524805e03842dcde1e17b45b27b175e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:29:52 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 10 Jan 2023 10:35:27 GMT
age
3586
etag
"d0ae40c6f8dcef20262e565e723a1196"
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
18294
expires
Mon, 27 Mar 2023 11:30:06 GMT
collect
stats.g.doubleclick.net/j/
2 B
149 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-124174008-8&cid=1552737264.1679916592&jid=19283449&gjid=1935856995&_gid=1192689998.1679916592&_u=YADAAUAAAAAAACAAI~&z=616183470
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://paciente.conexasaude.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 27 Mar 2023 11:29:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paciente.conexasaude.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pips.taboola.com/
64 B
253 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
84cb3b040b3f50d5d062ada6c03d56b79db35319b4e079ed78b70758c87bf4f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-served-by
cache-chi-klot8100166-CHI
date
Mon, 27 Mar 2023 11:29:51 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://paciente.conexasaude.com.br
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
config
conexasaude3465.zendesk.com/embeddable/ Frame D07E
1003 B
1 KB
Fetch
General
Full URL
https://conexasaude3465.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-32caac228613062705f8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
070b2b8749a9e9f996434d6f3f0beeb08a6294b84e5450334022ffeb0091db31

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:29:52 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-787cc5544d-pwcdh
x-cached
MISS
x-request-id
7ae74c4c2bfc29d8-IAD
x-runtime
0.001953
last-modified
Sun, 26 Mar 2023 15:43:26 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOMvr8xJMLPq7Cfiev9p5VmXrKL9R0FNTXi2ePAONzIJf44j6k39hxaRTQMSXbsOv%2FOHkJTJM5NsG3AUvG8TCaVO4h0tSX7szvGou%2F2Kxm5zwCmDKXJqe4fRQEHxFnyyG7T8s9MOYNxyZBuUZg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
7ae74c4c2bfc29d8-ORD
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-124174008-8&cid=1552737264.1679916592&jid=19283449&_u=YADAAUAAAAAAACAAI~&z=1550654743
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/login/rondonopolis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Mar 2023 11:29:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=4cb85304-dd10-4a0e-9ec0-b5430c88d07d-tuctb1b03af&uad=a517bf52ed3fd6bd4d53c2a8a7e26785a7249f135cb78e7770fedd222ac81252&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 27 Mar 2023 11:29:52 GMT
cache-control
no-store
server
nginx
identity.js
connect.facebook.net/signals/plugins/
64 KB
21 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f036:1d:face:b00c:0:3 Berlin, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 27 Mar 2023 11:29:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20722
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
tO8MDEpuJZSMeF+TpP5aMHdmowdzCbesvwTUknuB/QYLUxIcG7lCKU6ti2yqYcxKAzExjiNMshg+0kMkLS8kEQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
1048676188893065
connect.facebook.net/signals/config/
380 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1048676188893065?v=2.9.100&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f036:1d:face:b00c:0:3 Berlin, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
167ca7468f168823d249185af924ee45a9abbd8663cb190d398b956d4b6a9c10
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 27 Mar 2023 11:29:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
uXIH6qRdnxDr4pt3L1lIw8LhtbshEhTsHvt5XhqITeNT90f08MYIdBVMZDCmJYuM03Re9W3xeTbUPhodJdKjqQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
web-widget-classic-464baaa.js
static.zdassets.com/web_widget/latest/classic/ Frame D07E
13 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-464baaa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-32caac228613062705f8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b126b8c35fb78f5afaebd5ebf9a43c56595472cafca71b8a988b7050c059a8f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:29:52 GMT
x-amz-version-id
LjG5OVNe5oFw3qB5xBggx_.H8o8tPW20
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
WXMY5ZNGPCYAC1T7
age
396062
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
2YRuShSHt0qPHznMmnL2VGzPzi+wDhb0IXJoRj7tStNRzV/k9sXDsbbMPTOkJbla82+7ByL+9XI=
last-modified
Mon, 20 Mar 2023 04:09:45 GMT
server
cloudflare
etag
W/"f4a0023ec8d1997e77ae5e1a8148be2a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tB9slPEMtpvNqP%2B1x%2BoCqvPaJdIWSgg%2FiH8oK%2BFC96qwbx4If4VT%2BLbHMxKYVFrfdKRssCHAs%2FmsUJKUpsGwzxWEt5EaIe%2FmXhvybAp8mrXsbpWn2jl%2BsA%2BEeYQAke74CYtA0xM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7ae74c4caba32901-ORD
expires
Tue, 19 Mar 2024 04:09:44 GMT
web-widget-8165-464baaa.js
static.zdassets.com/web_widget/latest/classic/ Frame D07E
663 KB
190 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-8165-464baaa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-464baaa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:29:52 GMT
x-amz-version-id
QLsw4mnhPcYmQjmjMO_RAgiluOgPlM_d
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
1NRKE2PBVEHXAE85
age
627811
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
5Jf6aPo8ynapQSYTl9TLqWiK6tW6k/JVe0ev0fN5jyqeGQfsRalW3xOgNFB1T8Lxi1j0+p8Qcjm06k12AmCR3A==
last-modified
Mon, 20 Mar 2023 04:09:45 GMT
server
cloudflare
etag
W/"d519ea27f763cb6ec80aeec5b45213a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRndseoBfFLMafHugCqpjPTZp36XYcPFdG4kAEjESOgkq9IP4W%2BGQFJPUBfZANp%2FTXQWBFZhNMxL2mar2km293IkLsQ%2B%2BD0S7Gnzo%2FMsIxuu%2FSmrsF1%2BsFnUpUjxM8kSjzhavak%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7ae74c4d4c202901-ORD
expires
Tue, 19 Mar 2024 04:09:44 GMT
web-widget-5324-464baaa.js
static.zdassets.com/web_widget/latest/classic/ Frame D07E
494 KB
109 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-5324-464baaa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-464baaa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c57dc9c3c398f7cbea55f54a15ebdad2a9af19e47c8d7476ffd0e39c556b6ca6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:29:52 GMT
x-amz-version-id
zLgSMYGPtgiK5wq5m3jGdMDNb5k7Xzs9
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
7G7CEPMKDWV0D37Z
age
627812
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
othh6N/cQz0QxwnEolIwmjatJ9YHNdVTR3rufByN8eyguRYb/9AcT4hVzN+LtDvwNnvYg7cI/++MMrUnECsQwA==
last-modified
Mon, 20 Mar 2023 04:09:45 GMT
server
cloudflare
etag
W/"b29e77a9599607885e686581bca36843"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzy%2Bjby1WN8UVUYeeXSley3sXewgKKasTM9RHqYYEOYEf%2FamIZ%2BWncUYMNS2zz9cMUZJHDewaJAnH6OLV09GS%2FrdAq3fx%2FmuHBfS%2B2kaqZFrVZWBMFISWgN0rGUNtBTaUHz3IBg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7ae74c4d4c222901-ORD
expires
Tue, 19 Mar 2024 04:09:44 GMT
en-us-json-464baaa.js
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame D07E
25 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-464baaa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-464baaa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b1e453d0d95718e19766d3023ea82dc059f728f3b112b7980773c109ac0bd31
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:29:52 GMT
x-amz-version-id
4h6QlG3__zMlftY.cuF.dh776KKSEUvw
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
R2HMMC6P1EVNQM5T
age
316980
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
m1NXcTy07yMgj6nDyB+fXLNn4TXEhWL56r4jDC94VOZJsYBBxf/KKUAl+ZczjKG9phoHq2lEkZQ=
last-modified
Mon, 20 Mar 2023 04:09:47 GMT
server
cloudflare
etag
W/"89b68f56c96d15075b04b0ea633eabf1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDWcA5e1He4nOBsMDTbeLOtUc6reFsge5SapIZ7xO2g5H7qgieIoHblgZYKmmhVlCr3vhhEd0PNSmulG2vFc4KZ6GMFKczYOfTovC9VZ7PxM9N3BFzy2XEUPvrLbslWDuW%2FO5K8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7ae74c4f7da72901-ORD
expires
Tue, 19 Mar 2024 04:09:46 GMT
status
widget-mediator.zopim.com/client/widget/account/ Frame D07E
348 B
945 B
XHR
General
Full URL
https://widget-mediator.zopim.com/client/widget/account/status?embed_key=KVrEpwsPLOhqCkAgBfGQDhIGfUpjl8zr
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-32caac228613062705f8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.103.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-103-181.compute-1.amazonaws.com
Software
/ Express
Resource Hash
63a34721443f0d77296b86c2da32e0b78f2517d896396fa7cbb49a95f81b5d1c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:29:52 GMT
x-powered-by
Express
etag
W/"15c-51K0xetg4dYuPB/TwrD8NePksvY"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30
access-control-allow-headers
Content-Type
content-length
348
embeddable_blip
conexasaude3465.zendesk.com/ Frame D07E
0
0
Fetch
General
Full URL
https://conexasaude3465.zendesk.com/embeddable_blip?type=performance&data=eyJwZXJmb3JtYW5jZSI6eyJpbml0SW50ZXJ2YWwiOjEwNzAsImNvbmZpZ0xvYWRUaW1lIjoxNzksIndpZGdldFR5cGUiOiJjbGFzc2ljIiwiaXNNb2JpbGUiOmZhbHNlfSwiYnVpZCI6Ijg3MDdlYzY0OGQzZDQ0NGU4NmUxZDhkZGJlNjQwZjVlIiwic3VpZCI6Ijk2NGY2ZmI0MDg5MDQyZjVhNTBhYTJkN2YzNGM5Mzc2IiwidmVyc2lvbiI6IjQ2NGJhYWEiLCJ0aW1lc3RhbXAiOiIyMDIzLTAzLTI3VDExOjI5OjUyLjYzNloiLCJ1cmwiOiJodHRwczovL3BhY2llbnRlLmNvbmV4YXNhdWRlLmNvbS5ici9sb2dpbi9yb25kb25vcG9saXMvIn0=
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-32caac228613062705f8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:29:52 GMT
cf-cache-status
MISS
last-modified
Mon, 27 Mar 2023 11:29:52 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyg6BsMByl67t0PKFvIFRPTgEnYsarbeKfPfIpUZ7tTAiuf8eyjNK6iDhCGsuleu%2FelIL47ZhWRk2yOMER1nuz8f7xdmW2e0RkQOhFjOI5lmVqvSLfb%2BRNNGeETkjZxDqPz05MhIdxH2fiv0rw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
7ae74c501f2529d8-ORD
content-length
0
x-request-id
7ae74c501f2529d8-IAD
1478715672311879
connect.facebook.net/signals/config/
378 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1478715672311879?v=2.9.100&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f036:1d:face:b00c:0:3 Berlin, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d12dedf0572550127a943897108bca27e96be271f377f4a0c029c2735504b704
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 27 Mar 2023 11:29:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
6esrKtHHSRINVNB7Ve0u9iY9ekV04j1tj1HR1wiPkL9s6MzjgSze9Ix9vU9j7o0MII75Plgiyf7yofJ7F0TtQw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1048676188893065&ev=PageView&dl=https%3A%2F%2Fpaciente.conexasaude.com.br%2Flogin%2Frondonopolis%2F&rl=&if=false&ts=1679916592870&sw=1600&sh=1200&v=2.9.100&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.2.1679916592869.2029634216&it=1679916592039&coo=false&tm=1&rqm=GET
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/login/rondonopolis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f136:83:face:b00c:0:25de Berlin, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 27 Mar 2023 11:29:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
unip
trc-events.taboola.com/1395292/log/3/
0
387 B
XHR
General
Full URL
https://trc-events.taboola.com/1395292/log/3/unip?en=pre_d_eng_tb&tos=1566&scd=0&ssd=1&est=1679916591753&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1679916593319&vi=1679916591750&ri=aca3cf8540eb914f11deee3a2537f0ae&sd=v2_ac56ec5c053f527eee66eaa261352e6d_4cb85304-dd10-4a0e-9ec0-b5430c88d07d-tuctb1b03af_1679916591_1679916591_CNawjgYQ3JRVGIbV05byMCABKAEw4QE4kaQOQNfgDkivotsDUN0EWABgAGiIh7_1yObh82VwAQ&ui=4cb85304-dd10-4a0e-9ec0-b5430c88d07d-tuctb1b03af&ref=null&cv=20230326-2-RELEASE&item-url=https%3A%2F%2Fpaciente.conexasaude.com.br%2Flogin%2Frondonopolis%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1395292/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin
https://paciente.conexasaude.com.br
pragma
no-cache
date
Mon, 27 Mar 2023 11:29:53 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1478715672311879&ev=PageView&dl=https%3A%2F%2Fpaciente.conexasaude.com.br%2Flogin%2Frondonopolis%2F&rl=&if=false&ts=1679916593583&sw=1600&sh=1200&v=2.9.100&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.2.1679916592869.2029634216&it=1679916592039&coo=false&tm=1&rqm=GET
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/login/rondonopolis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f136:83:face:b00c:0:25de Berlin, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 27 Mar 2023 11:29:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1048676188893065&ev=Microdata&dl=https%3A%2F%2Fpaciente.conexasaude.com.br%2Flogin%2Frondonopolis%2F&rl=&if=false&ts=1679916593584&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Paciente%22%2C%22meta%3Adescription%22%3A%22A%20maior%20plataforma%20de%20teleconsulta%20do%20brasil.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Plataforma%20de%20Teleconsulta%22%2C%22og%3Atype%22%3A%22health%22%2C%22og%3Adescription%22%3A%22A%20maior%20plataforma%20de%20teleconsulta%20do%20brasil.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.conexasaude.com.br%2Farquivos%2Filustracao-instituica-de-saude-plataform.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.2.1679916592869.2029634216&it=1679916592039&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: paciente.conexasaude.com.br
URL: https://paciente.conexasaude.com.br/login/rondonopolis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f136:83:face:b00c:0:25de Berlin, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 27 Mar 2023 11:29:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
17 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1478715672311879&ev=Microdata&dl=https%3A%2F%2Fpaciente.conexasaude.com.br%2Flogin%2Frondonopolis%2F&rl=&if=false&ts=1679916594085&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Paciente%22%2C%22meta%3Adescription%22%3A%22A%20maior%20plataforma%20de%20teleconsulta%20do%20brasil.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Plataforma%20de%20Teleconsulta%22%2C%22og%3Atype%22%3A%22health%22%2C%22og%3Adescription%22%3A%22A%20maior%20plataforma%20de%20teleconsulta%20do%20brasil.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.conexasaude.com.br%2Farquivos%2Filustracao-instituica-de-saude-plataform.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.2.1679916592869.2029634216&it=1679916592039&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f136:83:face:b00c:0:25de Berlin, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 27 Mar 2023 11:29:54 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
unip
trc-events.taboola.com/1395292/log/3/
0
386 B
XHR
General
Full URL
https://trc-events.taboola.com/1395292/log/3/unip?en=pre_d_eng_tb&tos=4567&scd=0&ssd=1&est=1679916591753&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1679916596321&vi=1679916591750&ri=aca3cf8540eb914f11deee3a2537f0ae&sd=v2_ac56ec5c053f527eee66eaa261352e6d_4cb85304-dd10-4a0e-9ec0-b5430c88d07d-tuctb1b03af_1679916591_1679916591_CNawjgYQ3JRVGIbV05byMCABKAEw4QE4kaQOQNfgDkivotsDUN0EWABgAGiIh7_1yObh82VwAQ&ui=4cb85304-dd10-4a0e-9ec0-b5430c88d07d-tuctb1b03af&ref=null&cv=20230326-2-RELEASE&item-url=https%3A%2F%2Fpaciente.conexasaude.com.br%2Flogin%2Frondonopolis%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1395292/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin
https://paciente.conexasaude.com.br
pragma
no-cache
date
Mon, 27 Mar 2023 11:29:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-MDH5XR5KB4&gtm=45je33m0&_p=722588972&cid=1552737264.1679916592&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1679916591&sct=1&seg=0&dl=https%3A%2F%2Fpaciente.conexasaude.com.br%2Flogin%2Frondonopolis%2F&dt=Paciente&en=scroll&epn.percent_scrolled=90&_et=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MDH5XR5KB4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paciente.conexasaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Mar 2023 11:29:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paciente.conexasaude.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| appboy object| appboyQueue object| dataLayer object| webpackJsonpconexa-platform object| platform function| setImmediate function| clearImmediate object| OT number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime function| HowlerGlobal object| Howler function| Howl function| Sound object| zESettings object| google_tag_manager object| google_tag_data object| __tfa_pixel_init object| _tfa function| fbq function| _fbq object| _fbq_gtm_ids object| zEWebpackACJsonp function| zE function| zEmbed string| hostname string| app_path string| urlAw object| languagesAw function| insertSealAw function| sealConditionAw function| xmlGetAw function| gtag string| GoogleAnalyticsObject function| ga object| gaGlobal function| onYouTubeIframeAPIReady function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError boolean| zEACLoaded object| gaplugins object| gaData function| ownKeys function| _objectSpread function| _defineProperty function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles function| pipe object| style function| addCSS object| defaults string| CHATBOX_BTN_CLASS function| makeSession function| _module function| chatlayer function| __trcWarn function| _createForOfIteratorHelper function| $zopim

10 Cookies

Domain/Path Name / Value
.taboola.com/psicologiaviva-psiclogos-br-sc/ Name: taboola_session_id
Value: v2_ac56ec5c053f527eee66eaa261352e6d_4cb85304-dd10-4a0e-9ec0-b5430c88d07d-tuctb1b03af_1679916591_1679916591_CNawjgYQ3JRVGIbV05byMCABKAEw4QE4kaQOQNfgDkivotsDUN0EWABgAGiIh7_1yObh82VwAQ
paciente.conexasaude.com.br/ Name: video-express
Value: c09fd655-7e8e-415e-88d6-dc770f559b31
.conexasaude.com.br/ Name: _gcl_au
Value: 1.1.1573674595.1679916592
.conexasaude.com.br/ Name: _ga_7D7XHTRD6Q
Value: GS1.1.1679916591.1.0.1679916591.0.0.0
.conexasaude.com.br/ Name: _ga_MDH5XR5KB4
Value: GS1.1.1679916591.1.0.1679916591.60.0.0
.conexasaude.com.br/ Name: _ga
Value: GA1.3.1552737264.1679916592
.conexasaude.com.br/ Name: _gid
Value: GA1.3.1192689998.1679916592
.conexasaude.com.br/ Name: _gat_gtag_UA_124174008_8
Value: 1
.taboola.com/ Name: t_gid
Value: 4cb85304-dd10-4a0e-9ec0-b5430c88d07d-tuctb1b03af
.conexasaude.com.br/ Name: _fbp
Value: fb.2.1679916592869.2029634216

1 Console Messages

Source Level URL
Text
network error URL: https://api.conexasaude.com.br/whitelabel/config/cores/codigo_unico/rondonopolis?o=web
Message:
Failed to load resource: the server responded with a status of 422 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
