medicoresponde.com.br Open in urlscan Pro
198.50.157.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://medicoresponde.com.br/
Effective URL:
https://medicoresponde.com.br/
Submission Tags: tranco_l324
Submission: On May 08 via api (May 8th 2024, 6:54:27 am UTC) from DE — Scanned from CA

Summary HTTP 51 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 13 domains to perform 51 HTTP transactions. The main IP is 198.50.157.35, located in Canada and belongs to OVH, FR. The main domain is medicoresponde.com.br.
TLS certificate: Issued by R3 on April 2nd 2024. Valid for: 3 months.

This is the only time medicoresponde.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	198.50.157.35 198.50.157.35	16276 (OVH) (OVH)
2 6	142.251.167.155 142.251.167.155	15169 (GOOGLE) (GOOGLE)
1	104.21.71.163 104.21.71.163	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.16.97 142.251.16.97	15169 (GOOGLE) (GOOGLE)
6	104.17.32.124 104.17.32.124	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	144.217.229.192 144.217.229.192	16276 (OVH) (OVH)
2 5	18.165.83.63 18.165.83.63	16509 (AMAZON-02) (AMAZON-02)
1	185.14.184.154 185.14.184.154	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 3	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1	142.251.167.132 142.251.167.132	15169 (GOOGLE) (GOOGLE)
1	158.69.248.161 158.69.248.161	16276 (OVH) (OVH)
1	172.253.62.154 172.253.62.154	15169 (GOOGLE) (GOOGLE)
1	65.108.188.9 65.108.188.9	24940 (HETZNER-AS) (HETZNER-AS)
1	142.251.16.139 142.251.16.139	15169 (GOOGLE) (GOOGLE)
1	142.251.111.154 142.251.111.154	15169 (GOOGLE) (GOOGLE)
1	142.251.16.94 142.251.16.94	15169 (GOOGLE) (GOOGLE)
2	172.253.62.132 172.253.62.132	15169 (GOOGLE) (GOOGLE)
1	172.253.62.106 172.253.62.106	15169 (GOOGLE) (GOOGLE)
51	19

21 198.50.157.35 (Canada)

ASN16276 (OVH, FR)
PTR: ip35.ip-198-50-157.net

medicoresponde.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.medicoresponde.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.167.155 (Farmingdale, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ww-in-f155.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.71.163 (None, )

ASN13335 (CLOUDFLARENET, US)

www.honcode.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.16.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.32.124 (None, )

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.217.229.192 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ip192.ip-144-217-229.net

eu.7gra.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.165.83.63 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-63.iad55.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.14.184.154 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

geo.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.253 (Frederick, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.225.218.10 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.132 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f132.1e100.net

c220930185f5271bfb70d73c76eeb5d9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.248.161 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns542920.ip-158-69-248.net

7gra.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.188.9 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.188.108.65.clients.your-server.de

consent.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.139 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f139.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.111.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.62.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.106 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	medicoresponde.com.br medicoresponde.com.br static.medicoresponde.com.br	281 KB
7	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 cm.g.doubleclick.net — Cisco Umbrella Rank: 272 stats.g.doubleclick.net — Cisco Umbrella Rank: 89	172 KB
6	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 32708 usr.navdmp.com — Cisco Umbrella Rank: 37812 cdn.navdmp.com — Cisco Umbrella Rank: 24336 sync2.navdmp.com — Cisco Umbrella Rank: 65628 sync.navdmp.com — Cisco Umbrella Rank: 22962	7 KB
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 191	4 KB
4	googlesyndication.com c220930185f5271bfb70d73c76eeb5d9.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 164	19 KB
3	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1679 ups.analytics.yahoo.com — Cisco Umbrella Rank: 435	458 B
2	google.com analytics.google.com — Cisco Umbrella Rank: 154 www.google.com — Cisco Umbrella Rank: 2	258 B
2	cookie-script.com geo.cookie-script.com — Cisco Umbrella Rank: 29172 consent.cookie-script.com — Cisco Umbrella Rank: 42358	22 KB
2	7gra.us eu.7gra.us — Cisco Umbrella Rank: 235098 7gra.us — Cisco Umbrella Rank: 98695	543 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	161 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 10035	63 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 2546	648 B
1	honcode.ch www.honcode.ch — Cisco Umbrella Rank: 210400	3 KB
51	13

	Domain	Requested by
16	static.medicoresponde.com.br	medicoresponde.com.br static.medicoresponde.com.br
5	sb.scorecardresearch.com	2 redirects medicoresponde.com.br
5	medicoresponde.com.br	medicoresponde.com.br
4	securepubads.g.doubleclick.net	medicoresponde.com.br securepubads.g.doubleclick.net
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	ups.analytics.yahoo.com	1 redirects medicoresponde.com.br
2	cm.g.doubleclick.net	2 redirects
2	tag.navdmp.com	medicoresponde.com.br tag.navdmp.com
2	www.googletagmanager.com	medicoresponde.com.br www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	www.google.ca
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	consent.cookie-script.com	geo.cookie-script.com
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	7gra.us	static.medicoresponde.com.br
1	c220930185f5271bfb70d73c76eeb5d9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cms.analytics.yahoo.com	1 redirects
1	sync.navdmp.com	medicoresponde.com.br
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com	medicoresponde.com.br
1	cdn.navdmp.com	tag.navdmp.com
1	geo.cookie-script.com	www.googletagmanager.com
1	usr.navdmp.com	tag.navdmp.com
1	eu.7gra.us	medicoresponde.com.br
1	www.honcode.ch	medicoresponde.com.br
51	26

This site contains links to these domains. Also see Links.

Domain
www.healthonnet.org

Subject Issuer	Validity	Valid
medicoresponde.com.br R3	`2024-04-02` - `2024-07-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
honcode.ch GTS CA 1P5	`2024-04-05` - `2024-07-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
navdmp.com GTS CA 1P5	`2024-04-02` - `2024-07-01`	3 months	crt.sh
eu.7gra.us R3	`2024-04-10` - `2024-07-09`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.cookie-script.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-11` - `2024-07-25`	10 months	crt.sh
7gra.us R3	`2024-03-20` - `2024-06-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://medicoresponde.com.br/
Frame ID: BF2C191048F747391DCB7B33D5A6217A
Requests: 48 HTTP requests in this frame

Frame: https://c220930185f5271bfb70d73c76eeb5d9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AD1BC0B29E255A202D987FE0C81B846E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B6FD953CBA2C8E90D0A70763254ABCBB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BC437D32CC1D4DF8C206C8A0B4A25E9E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Médico Responde

Page URL History Show full URLs

http://medicoresponde.com.br/ HTTP 307
https://medicoresponde.com.br/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

51
Requests

88 %
HTTPS

0 %
IPv6

13
Domains

26
Subdomains

19
IPs

5
Countries

668 kB
Transfer

1588 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.healthonnet.org/HONcode/Portuguese/?HONConduct838342

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://medicoresponde.com.br/ HTTP 307
https://medicoresponde.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=88502586172 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=88502586172&google_tc= HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=88502586172&google_gid=CAESEBrOMmAvEdftyQh5ptwKxnc&google_cver=1

Request Chain 32

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=3b71663b-219d-4f00-8284-d6d39d82c529

Request Chain 33

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG HTTP 302
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG&verify=true

Request Chain 34

https://sb.scorecardresearch.com/b?c1=2&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1715151261353&ns_c=UTF-8&c7=https%3A%2F%2Fmedicoresponde.com.br%2F&c8=M%C3%A9dico%20Responde&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1715151261353&ns_c=UTF-8&c7=https%3A%2F%2Fmedicoresponde.com.br%2F&c8=M%C3%A9dico%20Responde&c9=

Request Chain 35

https://sb.scorecardresearch.com/b?c1=8&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1715151261354&ns_c=UTF-8&c3=1111&c7=https%3A%2F%2Fmedicoresponde.com.br%2F&c8=M%C3%A9dico%20Responde&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=8&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1715151261354&ns_c=UTF-8&c3=1111&c7=https%3A%2F%2Fmedicoresponde.com.br%2F&c8=M%C3%A9dico%20Responde&c9=

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
medicoresponde.com.br/
Redirect Chain

http://medicoresponde.com.br/
https://medicoresponde.com.br/

62 KB
14 KB

122ms
34ms

Document
text/html

198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

aea6c7e13b87013dea433ad9ef73b878df4f1ee6fb9160d44820669e0e61a164

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=21600
content-encoding: gzip
content-length: 13610
content-type: text/html; charset=UTF-8
date: Wed, 08 May 2024 06:54:21 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://medicoresponde.com.br/
Non-Authoritative-Reason: HSTS

GET
H2 200 frontoffice.160.css
static.medicoresponde.com.br/assets/ 54 KB
10 KB 39ms
30ms Stylesheet
text/css 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.medicoresponde.com.br/assets/frontoffice.160.css

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

bc30bc3a9e0e6e993ddef29be946b2ab7bf1f13155760424ffaf44d8d38be4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
x-server: CA.C
accept-ranges: bytes
content-length: 9831
expires: Thu, 08 May 2025 06:54:21 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 95 KB
30 KB 185ms
103ms Script
text/javascript 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

9555e0849c8341ab00db22cfeb418e015deffd68ce0d5c3ba98cdcc34412ff00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30095
x-xss-protection: 0
server: cafe
etag: 868 / 19851 / m202405020101 / config-hash: 4073527794522268711
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 08 May 2024 06:54:21 GMT

GET
H2 200 frontoffice.160.js Show response
static.medicoresponde.com.br/assets/ 29 KB
10 KB 64ms
60ms Script
text/javascript 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.medicoresponde.com.br/assets/frontoffice.160.js

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

16a3e62773565c575834c23a737a971202289a5d1ba2ee7d4b1a2ad4d3ec08b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000
x-server: CA.C
accept-ranges: bytes
content-length: 10143
expires: Thu, 08 May 2025 06:54:21 GMT

GET
H2 200 logo.png
static.medicoresponde.com.br/assets/img/ 364 B
619 B 33ms
26ms Image
image/png 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/assets/img/logo.png

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

1345f3df5720f4ab65e32448ff9c79cef04cbe582e260bf6440ccf72cb45b0be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000
x-server: CA.C
accept-ranges: bytes
content-length: 364
expires: Fri, 07 Jun 2024 06:54:21 GMT

GET
H2 200 dra-rafaella-ericksson_original-60x60.jpg
static.medicoresponde.com.br/upload/user/ 1 KB
2 KB 34ms
27ms Image
image/jpeg 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/upload/user/dra-rafaella-ericksson_original-60x60.jpg

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

8d2e326871113a6631199980b6f692da3153f2908a923d16cb1237321bdbba1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-server: CA.C
accept-ranges: bytes
content-length: 1433
expires: Fri, 07 Jun 2024 06:54:21 GMT

GET
H2 200 dra-janyele-sales_original-60x60.jpg
static.medicoresponde.com.br/upload/user/ 2 KB
2 KB 28ms
28ms Image
image/jpeg 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/upload/user/dra-janyele-sales_original-60x60.jpg

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

8df7f56342424e63dd92744bb8742e1815a0e78bdb395676924bd49f8be49c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-server: CA.C
accept-ranges: bytes
content-length: 1581
expires: Fri, 07 Jun 2024 06:54:21 GMT

GET
H2 200 nicolegeovana-60x60.jpg
static.medicoresponde.com.br/upload/user/ 3 KB
3 KB 27ms
26ms Image
image/jpeg 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/upload/user/nicolegeovana-60x60.jpg

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

bef775f255ade6bac5ad4e4cba1ca6d7f3b286b76accebd475aaed1af6ec5cfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-server: CA.C
accept-ranges: bytes
content-length: 2979
expires: Fri, 07 Jun 2024 06:54:21 GMT

GET
H2 200 top_left.jpg
medicoresponde.com.br/assets/img/h/ 27 KB
28 KB 56ms
53ms Image
image/jpeg 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medicoresponde.com.br/assets/img/h/top_left.jpg

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

1667349b051ad404e45fa4bd7ed6c1364e16c88610cab2f2e2365ce1cbb54a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
vary: , X-7Graus-Varnish-User-Agent-Mobile
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27969

GET
H2 200 top_right.jpg
medicoresponde.com.br/assets/img/h/ 7 KB
7 KB 30ms
27ms Image
image/jpeg 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medicoresponde.com.br/assets/img/h/top_right.jpg

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

4474e7afa6f1ee42a8257c9bd3e6b7ca1b4023e92aadc3e103577097bf5baa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
vary: , X-7Graus-Varnish-User-Agent-Mobile
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7372

GET
H2 200 bott_left.jpg
medicoresponde.com.br/assets/img/h/ 22 KB
22 KB 45ms
42ms Image
image/jpeg 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medicoresponde.com.br/assets/img/h/bott_left.jpg

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

a914d8660b651ae1a80383979c351b679b4a11bc330467b09ccfd7fb7db4e95d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
vary: , X-7Graus-Varnish-User-Agent-Mobile
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 22690

GET
H2 200 bott_right.jpg
medicoresponde.com.br/assets/img/h/ 13 KB
13 KB 37ms
35ms Image
image/jpeg 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medicoresponde.com.br/assets/img/h/bott_right.jpg

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

9e0a47a608b4ac1de5c3a11c4aa41ca80cb0dd820b050e7f8c7c6da3c897ac7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
vary: , X-7Graus-Varnish-User-Agent-Mobile
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13351

GET
H3 200 HONConduct838342_s.gif
www.honcode.ch/HONcode/Seal/ 2 KB
3 KB 285ms
247ms Image
image/gif 104.21.71.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.honcode.ch/HONcode/Seal/HONConduct838342_s.gif

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.71.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d094dd35621b1528eb3847231a675903cc626fa9474d6bb13cf87ee0cd708939

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=16000000
cf-cache-status: MISS
last-modified: Wed, 06 Mar 2019 22:49:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8c4-58374cee34880-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BxcRnv8BH41po1jKPVHp6Y5k7WxHlCGPyMGY2NoYRHilMLBCH7A05Jt5mFZFkAkVKGANJTtPdty5CrWs7hwaxsOVTPN181ZNvyVopDin9zZSBDygbkoPFlUcG0Kvvc%2FkQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
cf-ray: 880789b648d3aae5-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 196 KB
70 KB 127ms
51ms Script
application/javascript 142.251.16.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WX9HLNH9

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

6bceaad37fee398dee3ac29613205a6cf37b764489418e74aee246ab7609790b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70858
x-xss-protection: 0
last-modified: Wed, 08 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 May 2024 06:54:21 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 76ms
28ms Script
application/javascript 104.17.32.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.32.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 20:59:24 GMT
server: cloudflare
age: 559
etag: W/"642de12c-36d1"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 880789b66840a21d-YYZ
expires: Wed, 08 May 2024 07:45:02 GMT

GET
H2 200 / Show response
eu.7gra.us/ 1 B
208 B 93ms
27ms XHR
text/plain 144.217.229.192
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.7gra.us/
Requested by: Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.229.192 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip192.ip-144-217-229.net
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-credentials: true
content-length: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hero.jpg
static.medicoresponde.com.br/assets/img/h/ 36 KB
36 KB 66ms
66ms Image
image/jpeg 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/assets/img/h/hero.jpg

Requested by

Host: static.medicoresponde.com.br
URL: https://static.medicoresponde.com.br/assets/frontoffice.160.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

96f4d0062b00f92410ea7eee929c29346b50e956793f8b2abe31ee3cfd5ff79f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://static.medicoresponde.com.br/assets/frontoffice.160.css
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-server: CA.C
accept-ranges: bytes
content-length: 36820
expires: Fri, 07 Jun 2024 06:54:21 GMT

GET
H2 200 fem.jpg
static.medicoresponde.com.br/assets/img/h/ 21 KB
21 KB 65ms
64ms Image
image/jpeg 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/assets/img/h/fem.jpg

Requested by

Host: static.medicoresponde.com.br
URL: https://static.medicoresponde.com.br/assets/frontoffice.160.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

ae9402a1c863fb2f0688d78dceca2ba4d3832111567d0801f6bf10f033c3f019

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://static.medicoresponde.com.br/assets/frontoffice.160.css
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-server: CA.C
accept-ranges: bytes
content-length: 21205
expires: Fri, 07 Jun 2024 06:54:21 GMT

GET
H2 200 male.jpg
static.medicoresponde.com.br/assets/img/h/ 26 KB
26 KB 62ms
61ms Image
image/jpeg 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/assets/img/h/male.jpg

Requested by

Host: static.medicoresponde.com.br
URL: https://static.medicoresponde.com.br/assets/frontoffice.160.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

ddadd9c9eabbd03425127536a1bb86d8651bf5d3a7bcce322c5c46f1fdbdb822

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://static.medicoresponde.com.br/assets/frontoffice.160.css
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-server: CA.C
accept-ranges: bytes
content-length: 26157
expires: Fri, 07 Jun 2024 06:54:21 GMT

GET
H2 200 eld.jpg
static.medicoresponde.com.br/assets/img/h/ 20 KB
20 KB 61ms
61ms Image
image/jpeg 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/assets/img/h/eld.jpg

Requested by

Host: static.medicoresponde.com.br
URL: https://static.medicoresponde.com.br/assets/frontoffice.160.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

96a83ab2ad178ce5e682c3121648158955e463a0b64dc827310b7f6adafe2b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://static.medicoresponde.com.br/assets/frontoffice.160.css
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-server: CA.C
accept-ranges: bytes
content-length: 20476
expires: Fri, 07 Jun 2024 06:54:21 GMT

GET
H2 200 child.jpg
static.medicoresponde.com.br/assets/img/h/ 18 KB
18 KB 64ms
64ms Image
image/jpeg 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/assets/img/h/child.jpg

Requested by

Host: static.medicoresponde.com.br
URL: https://static.medicoresponde.com.br/assets/frontoffice.160.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

41c076b185d2dc7c8bd46fa7332340629be52f1702f3065d487431335d18caaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://static.medicoresponde.com.br/assets/frontoffice.160.css
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-server: CA.C
accept-ranges: bytes
content-length: 18278
expires: Fri, 07 Jun 2024 06:54:21 GMT

GET
H2 200 mind.jpg
static.medicoresponde.com.br/assets/img/h/ 14 KB
15 KB 26ms
26ms Image
image/jpeg 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/assets/img/h/mind.jpg

Requested by

Host: static.medicoresponde.com.br
URL: https://static.medicoresponde.com.br/assets/frontoffice.160.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

59becaeaa1622648362b9d6baef1d20ca82c1cf964458513a03d7e75d08b3ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://static.medicoresponde.com.br/assets/frontoffice.160.css
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-server: CA.C
accept-ranges: bytes
content-length: 14727
expires: Fri, 07 Jun 2024 06:54:21 GMT

GET
H2 200 source-sans-pro-700.woff2
static.medicoresponde.com.br/assets/fonts/ 14 KB
14 KB 105ms
48ms Font
font/woff2 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.medicoresponde.com.br/assets/fonts/source-sans-pro-700.woff2

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

cfa9603baa93612a1b37809e9b2eba09a87ec42ad81ba6c532d2eac56cde5b85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Origin: https://medicoresponde.com.br
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: CA.C
accept-ranges: bytes
content-length: 14440
expires: Fri, 07 Jun 2024 06:54:21 GMT

GET
H2 200 source-sans-pro-regular.woff2
static.medicoresponde.com.br/assets/fonts/ 14 KB
15 KB 98ms
42ms Font
font/woff2 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.medicoresponde.com.br/assets/fonts/source-sans-pro-regular.woff2

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

a769166be88381ff553dd898537609ee8a973c37bd5ba3890d6ea0bb7fc2a41c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Origin: https://medicoresponde.com.br
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: CA.C
accept-ranges: bytes
content-length: 14624
expires: Fri, 07 Jun 2024 06:54:21 GMT

GET
H2 200 mr.004.woff2
static.medicoresponde.com.br/assets/fonts/ 2 KB
2 KB 106ms
49ms Font
font/woff2 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.medicoresponde.com.br/assets/fonts/mr.004.woff2

Requested by

Host: static.medicoresponde.com.br
URL: https://static.medicoresponde.com.br/assets/frontoffice.160.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

b668f0a051806b00623a3c9bb8ddd7d9ae5d926e6bb81becd8dda6a54867b133

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://static.medicoresponde.com.br/assets/frontoffice.160.css
Origin: https://medicoresponde.com.br
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: CA.C
accept-ranges: bytes
content-length: 1888
expires: Fri, 07 Jun 2024 06:54:21 GMT

GET
H2 200 90679 Show response
tag.navdmp.com/u/ 1 KB
1005 B 64ms
63ms Script
application/javascript 104.17.32.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/90679
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.32.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ada6b170b890499bc3b4f562f319cd28e4108979e4f9e67a2858291f6c4ec8d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 19 Dec 2023 21:00:20 GMT
server: cloudflare
etag: W/"65820464-5a5"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 880789b6984da21d-YYZ
expires: Wed, 08 May 2024 07:54:21 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 131ms
37ms Script
text/javascript 18.165.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.83.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-63.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:37:09 GMT
content-encoding: gzip
via: 1.1 fc5ebd2517d85e358aa686aaadd64c2a.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 13:20:45 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P3
age: 1033
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: kwteSv_15dKq-fik3d8TDlb69_LqL6UgsuBukhgTusWxKLLDYi9mpQ==

GET
H2 200 usr Show response
usr.navdmp.com/ 359 B
430 B 78ms
73ms Script
application/javascript 104.17.32.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=90679&u=1&new=1&wst=0&wct=1&wla=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.32.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dfe557ae7d66e00300058458e5682da7cb024a2cd38dbdb78403f71d34bff27

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 08 May 2024 06:54:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 880789b7086ea21d-YYZ
expires: Wed, 08 May 2024 07:54:21 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405020101/ 451 KB
141 KB 39ms
38ms Script
text/javascript 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

18bc76065f582541f8902fa223346dbf72391d799ba0c2773a8674fee09435ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 18:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44183
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144164
x-xss-protection: 0
server: cafe
etag: 1387997107622014664
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 07 May 2025 18:37:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
92 KB 65ms
64ms Script
application/javascript 142.251.16.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QZQEPGN19T&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX9HLNH9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

c4796387d432ae524b3f3386615583514b091c227edd04a534ef8b11dc4548fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93595
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 May 2024 06:54:21 GMT

GET
H2 200 5db71f7f6b9800dcf1418a8b58f956cf.js Show response
geo.cookie-script.com/s/ 128 KB
22 KB 345ms
118ms Script
application/javascript 185.14.184.154
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.cookie-script.com/s/5db71f7f6b9800dcf1418a8b58f956cf.js?country=us-af-al-dz-as-ad-ao-ai-aq-ag-ar-am-aw-au-az-bs-bh-bd-bb-by-bz-bj-bm-bt-bo-bq-ba-bw-bv-br-io-bn-bf-bi-cv-kh-cm-ca-ky-cf-td-cl-cn-cx-cc-co-km-cd-cg-ck-cr-cu-cw-ci-dj-dm-do-ec-eg-sv-gq-er-sz-et-fk-fo-fj-gf-pf-tf-ga-gm-ge-gi-gh-gl-gd-gp-gu-gt-gg-gn-gw-gy-ht-hm-va-hn-hk-is-in-id-ir-iq-im-il-jm-jp-je-jo-kz-ke-ki-kp-kr-kw-kg-la-lb-ls-lr-ly-li-mo-mg-mw-my-mv-ml-mh-mq-mr-mu-yt-mx-fm-md-mc-mn-me-ms-ma-mz-mm-na-np-nr-nc-nz-ni-ne-ng-nu-nf-mp-no-om-pk-pw-ps-pa-pg-py-pe-ph-pn-pr-qa-mk-ru-rw-re-bl-sh-kn-lc-mf-pm-vc-ws-sm-st-sa-sn-rs-sc-sl-sx-sg-sb-so-za-gs-ss-lk-sd-sr-sj-ch-sy-tw-tj-tz-th-tl-tg-tk-to-tt-tn-tr-tm-tc-tv-ua-ug-ae-um-uy-uz-vu-ve-vn-vg-vi-wf-eh-ye-zm-zw-ax
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX9HLNH9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.14.184.154 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 50a8145137d4d0d76715ce59aa50872c3c9d568441cf276fe36314be2b899b4d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 08 May 2024 06:54:21 GMT
content-encoding: gzip
last-modified: Wed, 08 May 2024 01:04:10 GMT
x-cache-status: HIT
content-type: application/javascript

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 67ms
62ms Script
application/x-javascript 104.17.32.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=149b2a4b3c27ed7d19342d9d8210%7C0&acc=90679&tit=M%25E9dico%2520Responde&url=https%253A%2F%2Fmedicoresponde.com.br%2F&upd=1&new=1&h1=M%25E9dico%2520Responde
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.32.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 880789b7889ca21d-YYZ
content-length: 6
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=88502586172
https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=88502586172&google_tc=
https://sync2.navdmp.com/sync?prtid=2&id=88502586172&google_gid=CAESEBrOMmAvEdftyQh5ptwKxnc&google_cver=1

6 B
57 B

122ms
117ms

Script
application/javascript

104.17.32.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=88502586172&google_gid=CAESEBrOMmAvEdftyQh5ptwKxnc&google_cver=1
Requested by: Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/
Protocol: H2
Server: 104.17.32.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 880789b838e6a21d-YYZ
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Wed, 08 May 2024 06:54:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync2.navdmp.com/sync?prtid=2&id=88502586172&google_gid=CAESEBrOMmAvEdftyQh5ptwKxnc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=3b71663b-219d-4f00-8284-d6d39d82c529

43 B
129 B

68ms
62ms

Image
image/gif

104.17.32.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=3b71663b-219d-4f00-8284-d6d39d82c529
Requested by: Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/
Protocol: H2
Server: 104.17.32.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 880789b8a90ea21d-YYZ
content-length: 43
content-type: image/gif

Redirect headers

Date: Wed, 08 May 2024 06:54:21 GMT
Server: MT3 1549 cea2cde master ord ord-pixel-x26 config_version:"2700"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://sync.navdmp.com/sync?img=1&mdia=3b71663b-219d-4f00-8284-d6d39d82c529
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 08 May 2024 06:54:20 GMT

GET
H2

404

cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG&verify=true

0
17 B

39ms
39ms

Image
text/plain

3.225.218.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG&verify=true

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Server

3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-218-10.compute-1.amazonaws.com

Software

ATS/9.1.10.112 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.112
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG&verify=true
date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.112
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1715151261353&ns_c=UTF-8&c7=https%3A%2F%2Fmedicoresponde.com.br%2F&c8=M%C3%A9dico%20Responde&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1715151261353&ns_c=UTF-8&c7=https%3A%2F%2Fmedicoresponde.com.br%2F&c8=M%C3%A9dico%20Responde&c9=

0
225 B

38ms
37ms

Image
text/plain

18.165.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1715151261353&ns_c=UTF-8&c7=https%3A%2F%2Fmedicoresponde.com.br%2F&c8=M%C3%A9dico%20Responde&c9=
Requested by: Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/
Protocol: H2
Server: 18.165.83.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-63.iad55.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
via: 1.1 fc5ebd2517d85e358aa686aaadd64c2a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P3
x-amz-cf-id: i7MCWt19JeQR2qpiwi2dZw7yvE3J6tddlKPyOPFvLl6fZNKg8zOwTA==
x-cache: Miss from cloudfront

Redirect headers

date: Wed, 08 May 2024 06:54:21 GMT
via: 1.1 fc5ebd2517d85e358aa686aaadd64c2a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P3
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1715151261353&ns_c=UTF-8&c7=https%3A%2F%2Fmedicoresponde.com.br%2F&c8=M%C3%A9dico%20Responde&c9=
content-length: 0
x-amz-cf-id: -on92oD56pNiOlDkpWEV9X1ZLFh8wC7pvRbhWawGm2KYfeflFAd1xQ==

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=8&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1715151261354&ns_c=UTF-8&c3=1111&c7=https%3A%2F%2Fmedicoresponde.com.br%2F&c8=M%C3%A9dico%20Responde&c9=
https://sb.scorecardresearch.com/b2?c1=8&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1715151261354&ns_c=UTF-8&c3=1111&c7=https%3A%2F%2Fmedicoresponde.com.br%2F&c8=M%C3%A9dico%20Responde&c9=

0
225 B

38ms
38ms

Image
text/plain

18.165.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=8&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1715151261354&ns_c=UTF-8&c3=1111&c7=https%3A%2F%2Fmedicoresponde.com.br%2F&c8=M%C3%A9dico%20Responde&c9=
Requested by: Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/
Protocol: H2
Server: 18.165.83.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-63.iad55.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
via: 1.1 fc5ebd2517d85e358aa686aaadd64c2a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P3
x-amz-cf-id: vxFNjmWTMFzj160LmXryuMAtJt1UXcqN_ubbozduMkmftRwKkMumNA==
x-cache: Miss from cloudfront

Redirect headers

date: Wed, 08 May 2024 06:54:21 GMT
via: 1.1 fc5ebd2517d85e358aa686aaadd64c2a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P3
x-cache: Miss from cloudfront
location: /b2?c1=8&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1715151261354&ns_c=UTF-8&c3=1111&c7=https%3A%2F%2Fmedicoresponde.com.br%2F&c8=M%C3%A9dico%20Responde&c9=
content-length: 0
x-amz-cf-id: iCJcxxNO-0fdB5nqBhTP4mmm3NWmrmPI4fK3_iTMQixgBsCg3SMCJw==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 880 B
446 B 280ms
280ms Fetch
text/plain 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4474851702548766&correlator=2338913287645386&eid=31083225&output=ldjh&gdfp_req=1&vrg=202405020101&ptt=17&impl=fif&iu_parts=92076944%2Cmedicoresponde_footer_mrec&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C200x200&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1715151261502&lmt=1715151261&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMTE4IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4xMTgiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjExOCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fmedicoresponde.com.br%2F&vis=1&psz=964x0&msz=300x254&fws=128&ohw=0&ga_vid=970646091.1715151262&ga_sid=1715151262&ga_hid=2121160609&ga_fc=false&dlt=1715151261073&idt=388&adks=3890409618&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

2fa0e0fdaad0a4d1c20274e3bf00a08bda0258b53f86a4aef619f37b86e6754f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 416
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://medicoresponde.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c220930185f5271bfb70d73c76eeb5d9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AD1B 0
0 128ms
38ms Document
text/html 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c220930185f5271bfb70d73c76eeb5d9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://medicoresponde.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 May 2024 06:54:21 GMT
expires: Thu, 08 May 2025 06:54:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 797 B
388 B 485ms
484ms Fetch
text/plain 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4474851702548766&correlator=2338913287645386&eid=31083225&output=ldjh&gdfp_req=1&vrg=202405020101&ptt=17&impl=fif&iu_parts=92076944%2CMEDICORESPONDE_BR_HOME_HALFPAGE&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600%7C240x400%7C300x250%7C120x600%7C250x250%7C200x200&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1715151261536&lmt=1715151261&adxs=976&adys=2639&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMTE4IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4xMTgiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjExOCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fmedicoresponde.com.br%2F&vis=1&psz=311x680&msz=311x620&fws=0&ohw=0&ga_vid=970646091.1715151262&ga_sid=1715151262&ga_hid=2121160609&ga_fc=false&dlt=1715151261073&idt=388&adks=2498134603&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

e613ea7d7c2703ca82517a6ecf0d2636e65f6f00ef463a78da2468e6a10313fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 358
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://medicoresponde.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bhof.js Show response
7gra.us/ 15 B
335 B 102ms
32ms Script
text/javascript 158.69.248.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://7gra.us/bhof.js

Requested by

Host: static.medicoresponde.com.br
URL: https://static.medicoresponde.com.br/assets/frontoffice.160.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.69.248.161 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns542920.ip-158-69-248.net

Software

nginx /

Resource Hash

94e0db1d92e7f7bca01cc07a16abb8c2e9bf762e9742100be5103daa4603539c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 08 May 2024 06:54:21 GMT
pragma: no-cache
date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
server: nginx
content-type: text/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 182ms
103ms XHR
application/json 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202405020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

fbf69fc605b386607efacda66ca6b2eb8c34e58f31f9d995243e9b0d7522c4b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12243
x-xss-protection: 0

GET
H2 200 analytics Show response
consent.cookie-script.com/ 47 B
452 B 742ms
473ms XHR
application/json 65.108.188.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookie-script.com/analytics?action=firstshown&time=1715151261788&script=5db71f7f6b9800dcf1418a8b58f956cf&category=
Requested by: Host: geo.cookie-script.com
URL: https://geo.cookie-script.com/s/5db71f7f6b9800dcf1418a8b58f956cf.js?country=us-af-al-dz-as-ad-ao-ai-aq-ag-ar-am-aw-au-az-bs-bh-bd-bb-by-bz-bj-bm-bt-bo-bq-ba-bw-bv-br-io-bn-bf-bi-cv-kh-cm-ca-ky-cf-td-cl-cn-cx-cc-co-km-cd-cg-ck-cr-cu-cw-ci-dj-dm-do-ec-eg-sv-gq-er-sz-et-fk-fo-fj-gf-pf-tf-ga-gm-ge-gi-gh-gl-gd-gp-gu-gt-gg-gn-gw-gy-ht-hm-va-hn-hk-is-in-id-ir-iq-im-il-jm-jp-je-jo-kz-ke-ki-kp-kr-kw-kg-la-lb-ls-lr-ly-li-mo-mg-mw-my-mv-ml-mh-mq-mr-mu-yt-mx-fm-md-mc-mn-me-ms-ma-mz-mm-na-np-nr-nc-nz-ni-ne-ng-nu-nf-mp-no-om-pk-pw-ps-pa-pg-py-pe-ph-pn-pr-qa-mk-ru-rw-re-bl-sh-kn-lc-mf-pm-vc-ws-sm-st-sa-sn-rs-sc-sl-sx-sg-sb-so-za-gs-ss-lk-sd-sr-sj-ch-sy-tw-tj-tz-th-tl-tg-tk-to-tt-tn-tr-tm-tc-tv-ua-ug-ae-um-uy-uz-vu-ve-vn-vg-vi-wf-eh-ye-zm-zw-ax
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.108.188.9 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.188.108.65.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 52ea8162cf95f76434a16dd1cc4c41ee6a8e33799237d4b9b8bba2397dc16ce3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:22 GMT
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P7
x-amzn-trace-id: Root=1-663b219e-73722eab7e317a33046d6ba5;Parent=20dba2f54c31e612;Sampled=0;lineage=a8669a4e:0
x-amzn-requestid: b7d5e951-6bec-4137-a739-39ff4469a0d3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: XcIwxF9ODoEEFkw=
content-length: 47
x-amz-cf-id: cMDUj5lQzkJdejTGY8dlOAJTXgq5F0iPUXo1pkMI4T264X_wlye_mw==

GET
H2 200 favicon.ico
static.medicoresponde.com.br/ 15 KB
2 KB 27ms
27ms Other
image/x-icon 198.50.157.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.medicoresponde.com.br/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

198.50.157.35 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip35.ip-198-50-157.net

Software

nginx /

Resource Hash

7967f415a09f82b2797f6304f453f8718409a4e4d99070f77e5a33893c26e060

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 01 Jun 2023 17:51:23 GMT
server: nginx
content-encoding: gzip
vary: Accept-Encoding
content-type: image/x-icon
cache-control: max-age=604800
x-server: CA.C
expires: Wed, 15 May 2024 06:54:21 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
258 B 129ms
45ms Ping
text/plain 142.251.16.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QZQEPGN19T&gtm=45je4510v9137561373z89172016662za200&_p=1715151261107&_gaz=1&gcs=G111&gcd=13t3t3l3l5&npa=0&dma=0&cid=970646091.1715151262&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715151261&sct=1&seg=0&dl=https%3A%2F%2Fmedicoresponde.com.br%2F&dt=M%C3%A9dico%20Responde&en=page_view&_fv=1&_ss=1&tfd=1024
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QZQEPGN19T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.16.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f139.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 08 May 2024 06:54:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medicoresponde.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 121ms
44ms Ping
text/plain 142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QZQEPGN19T&cid=970646091.1715151262&gtm=45je4510v9137561373z89172016662za200&aip=1&dma=0&gcs=G111&gcd=13t3t3l3l5&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QZQEPGN19T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.111.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bk-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 08 May 2024 06:54:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medicoresponde.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 92ms
50ms Image
image/gif 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QZQEPGN19T&cid=970646091.1715151262&gtm=45je4510v9137561373z89172016662za200&aip=1&dma=0&gcs=G111&gcd=13t3t3l3l5&npa=0&frm=0&z=1026199296

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 08 May 2024 06:54:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 114ms
38ms Script
text/javascript 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicoresponde.com.br/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 May 2024 06:54:22 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B6FD 0
0 112ms
37ms Document
text/html 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://medicoresponde.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 101009
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 May 2024 02:50:53 GMT
expires: Wed, 07 May 2025 02:50:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame BC43 0
0 130ms
54ms Document
text/html 172.253.62.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f106.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OWspxwWHbFx60Ovq9MjBXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://medicoresponde.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-OWspxwWHbFx60Ovq9MjBXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 May 2024 06:54:22 GMT
expires: Wed, 08 May 2024 06:54:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202405020101&jk=4474851702548766&bg=!j4yljMPNAAZxHNKdURw7ADQBe5WfOAVXx27KYYprVLDfTOCTX9QhJMLtHbJGFZJHFC1qcPGRrgW936FVnKupC0xuEEw_AgAAADlSAAAAAmgBB34ANbhaj5TEAQxxiefLPpgfnXNNIa2DhatatRVsR9GNrFDHw0WmB0D3G_YmGsYAr_lLd5DUbg6rmQKZPn4qKq3MceKGBNbxu_39wayI7mcaZIE4l2CkFYkpekiIxDZatq4OXEzjE1U-p_1iOlsiyZ1xbm9pnyv12RWo6Q9su4sOY4vLJ7oUj4hhhFDOA2ru-sHJRjSYZNdpvL3LIydtfUyfiDKjdVKdqVmIkrgwWXLPOSDMA_wzjIUpj-GzZBGgiwXrTo-4k_3LkoMxEJx7_JOGkQ9ZSwcFprzYXPoWjTXGsyLmRxFpSrstnZ5UXum-6W1orBj9xqhD_XJdyj4Gmy_VZsCeVzq7cYl5yNug15aaDYGjexypIruE9-o6nvX_uj5HnuNElrAiD9UBVyepQA_XLNnfSwwpIQGsxkyW1uUBEYk6o1wa2vDxEGqcpYEZhYXmUqj2bGSr-JwHjLG5uEZ4COBkq70HroPDMmVcLDR8H95T3P0l3d2xr4_mlxW5ykL9yFZZBMlcTCprIDz0hqETPBGMzXQmq6bzZ5H7XNKhpgYud4WnEDoqbboC-cOp4X4L519tfuo-HjzNllv-w_nHtYAQ0JewNLZR-BkDXpKIL0QCvxpfaGJUSlfMk8A4NjxsSFR_tzxHHzwUz1INAR5HBKwtkx0U-1ZT3kvDBCg1whN7MOgJVpyP8ZnIG89na3GamQzQdC6lQYkUABvsqOv8SAqIYaRH0SBi4LO6kODtAs3XaCBIn8xRp5sEuL3QXHIpPRaPHryszya4BUkWu9zP-TCPJJllE234HeRuh6SrgV4HYhnDfJc-OKbF_OqWyxK-Z49aI6BtKilpE51rNp7mlbawaXwVx_3OdMKQEXMMsJk_dEZp8IhJt63e_R56Mx-V4WcpkmzM_bTXhKqx510aRXmU0ch151ib46EaGS55VNqPezRx2Y6uGKFmPy2Z9r5YkAM

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.navdmp.com/	1970-01-21 05:11:48	Name: ac3 Value: 1
.navdmp.com/	1970-01-21 06:01:51	Name: nid Value: 149b2a4b3c3448b3cd82a726c210\|1\|158
.scorecardresearch.com/	1970-01-21 06:01:51	Name: UID Value: 1041f6b38d6e8fb676251f71715151261
.scorecardresearch.com/	1970-01-20 22:35:27	Name: PID Value: 1971f6b38d89bfb676250441715151261
.scorecardresearch.com/	1970-01-21 06:01:51	Name: XID Value: 1041f6b38d6e8fb676251f71715151261
.doubleclick.net/	1970-01-21 06:01:51	Name: IDE Value: AHWqTUnExT2AQMAafoq6KAx_cOI2lBPi1kA_R_kkzI4II4OOEiJui_fOC8LT6UbSaXU
.mathtag.com/	1970-01-21 05:51:46	Name: uuid Value: 3b71663b-219d-4f00-8284-d6d39d82c529
.yahoo.com/	1970-01-21 05:11:48	Name: A3 Value: d=AQABBJ0hO2YCEI0KP-GTYTty7uSIM3-mwCAFEgEBAQFzPGZFZiXaxyMA_eMAAA&S=AQAAAnsVGQnjOyn0edbR43HtVGA
medicoresponde.com.br/	1970-01-21 05:11:27	Name: CookieScriptConsent Value: {"googleconsentmap":{"ad_storage":"targeting","analytics_storage":"performance","ad_user_data":"targeting","ad_personalization":"targeting","functionality_storage":"functionality","personalization_storage":"functionality","security_storage":"functionality"},"bannershown":1}
.medicoresponde.com.br/	1970-01-21 06:01:51	Name: _ga_QZQEPGN19T Value: GS1.1.1715151261.1.0.1715151261.60.0.0
.medicoresponde.com.br/	1970-01-21 06:01:51	Name: _ga Value: GA1.1.970646091.1715151262

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG&verify=true Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://medicoresponde.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7gra.us
analytics.google.com
c220930185f5271bfb70d73c76eeb5d9.safeframe.googlesyndication.com
cdn.navdmp.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
consent.cookie-script.com
eu.7gra.us
geo.cookie-script.com
medicoresponde.com.br
pagead2.googlesyndication.com
pixel.mathtag.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.medicoresponde.com.br
stats.g.doubleclick.net
sync.navdmp.com
sync2.navdmp.com
tag.navdmp.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
usr.navdmp.com
www.google.ca
www.google.com
www.googletagmanager.com
www.honcode.ch
pagead2.googlesyndication.com
104.17.32.124
104.21.71.163
142.251.111.154
142.251.16.139
142.251.16.94
142.251.16.97
142.251.167.132
142.251.167.155
144.217.229.192
158.69.248.161
172.253.62.106
172.253.62.132
172.253.62.154
18.165.83.63
185.14.184.154
198.50.157.35
216.200.232.253
3.225.218.10
65.108.188.9
0ada6b170b890499bc3b4f562f319cd28e4108979e4f9e67a2858291f6c4ec8d
1345f3df5720f4ab65e32448ff9c79cef04cbe582e260bf6440ccf72cb45b0be
1667349b051ad404e45fa4bd7ed6c1364e16c88610cab2f2e2365ce1cbb54a94
16a3e62773565c575834c23a737a971202289a5d1ba2ee7d4b1a2ad4d3ec08b4
18bc76065f582541f8902fa223346dbf72391d799ba0c2773a8674fee09435ff
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
2fa0e0fdaad0a4d1c20274e3bf00a08bda0258b53f86a4aef619f37b86e6754f
41c076b185d2dc7c8bd46fa7332340629be52f1702f3065d487431335d18caaf
4474e7afa6f1ee42a8257c9bd3e6b7ca1b4023e92aadc3e103577097bf5baa5c
50a8145137d4d0d76715ce59aa50872c3c9d568441cf276fe36314be2b899b4d
52ea8162cf95f76434a16dd1cc4c41ee6a8e33799237d4b9b8bba2397dc16ce3
59becaeaa1622648362b9d6baef1d20ca82c1cf964458513a03d7e75d08b3ee8
5dfe557ae7d66e00300058458e5682da7cb024a2cd38dbdb78403f71d34bff27
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6bceaad37fee398dee3ac29613205a6cf37b764489418e74aee246ab7609790b
7967f415a09f82b2797f6304f453f8718409a4e4d99070f77e5a33893c26e060
8d2e326871113a6631199980b6f692da3153f2908a923d16cb1237321bdbba1c
8df7f56342424e63dd92744bb8742e1815a0e78bdb395676924bd49f8be49c78
94e0db1d92e7f7bca01cc07a16abb8c2e9bf762e9742100be5103daa4603539c
9555e0849c8341ab00db22cfeb418e015deffd68ce0d5c3ba98cdcc34412ff00
96a83ab2ad178ce5e682c3121648158955e463a0b64dc827310b7f6adafe2b2e
96f4d0062b00f92410ea7eee929c29346b50e956793f8b2abe31ee3cfd5ff79f
9e0a47a608b4ac1de5c3a11c4aa41ca80cb0dd820b050e7f8c7c6da3c897ac7d
a769166be88381ff553dd898537609ee8a973c37bd5ba3890d6ea0bb7fc2a41c
a914d8660b651ae1a80383979c351b679b4a11bc330467b09ccfd7fb7db4e95d
ae9402a1c863fb2f0688d78dceca2ba4d3832111567d0801f6bf10f033c3f019
aea6c7e13b87013dea433ad9ef73b878df4f1ee6fb9160d44820669e0e61a164
b668f0a051806b00623a3c9bb8ddd7d9ae5d926e6bb81becd8dda6a54867b133
bc30bc3a9e0e6e993ddef29be946b2ab7bf1f13155760424ffaf44d8d38be4f6
bef775f255ade6bac5ad4e4cba1ca6d7f3b286b76accebd475aaed1af6ec5cfd
c4796387d432ae524b3f3386615583514b091c227edd04a534ef8b11dc4548fd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa9603baa93612a1b37809e9b2eba09a87ec42ad81ba6c532d2eac56cde5b85
d094dd35621b1528eb3847231a675903cc626fa9474d6bb13cf87ee0cd708939
ddadd9c9eabbd03425127536a1bb86d8651bf5d3a7bcce322c5c46f1fdbdb822
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e613ea7d7c2703ca82517a6ecf0d2636e65f6f00ef463a78da2468e6a10313fa
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbf69fc605b386607efacda66ca6b2eb8c34e58f31f9d995243e9b0d7522c4b9

medicoresponde.com.br Open in urlscan Pro 198.50.157.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

88 %HTTPS

0 %IPv6

13 Domains

26 Subdomains

19 IPs

5 Countries

668 kBTransfer

1588 kBSize

11 Cookies

1 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

medicoresponde.com.br Open in urlscan Pro
198.50.157.35 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

88 %
HTTPS

0 %
IPv6

13
Domains

26
Subdomains

19
IPs

5
Countries

668 kB
Transfer

1588 kB
Size

11
Cookies

51 HTTP transactions
0 data transactions