urlscan.io logo urlscan.io
SecurityTrails logo

www.contasmedicas.com Open in urlscan Pro
177.101.144.123  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.contasmedicas.com/
Effective URL: https://www.contasmedicas.com/web/
Submission: On August 25 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 34 HTTP transactions. The main IP is 177.101.144.123, located in Brazil and belongs to Central Server Informatica Ltda, BR. The main domain is www.contasmedicas.com.
TLS certificate: Issued by R3 on August 25th 2021. Valid for: 3 months.
This is the only time www.contasmedicas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 16 177.101.144.123 262790 (Central S...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a03:2880:f11... 32934 (FACEBOOK)
34 6
16    177.101.144.123 (Brazil)

ASN262790 (Central Server Informatica Ltda, BR)
PTR: www0021.centralserver.com.br
www.contasmedicas.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
scontent.xx.fbcdn.net
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
12    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
16 www.contasmedicas.com 2 redirects www.contasmedicas.com
12 www.facebook.com connect.facebook.net
www.facebook.com
2 scontent.xx.fbcdn.net www.facebook.com
2 connect.facebook.net www.contasmedicas.com
connect.facebook.net
2 www.google-analytics.com www.contasmedicas.com
www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
0 fonts.googleapis.com Failed www.contasmedicas.com
34 7

This site contains links to these domains. Also see Links.

Domain
goo.gl
www.e2g.com.br
Subject Issuer Validity Valid
contasmedicas.com
R3		 2021-08-25 -
2021-11-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.contasmedicas.com/web/
Frame ID: 4A068857FAD1F03C3603F105D9E35476
Requests: 20 HTTP requests in this frame

Frame: https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
Frame ID: DD4B755F883E852613041F223C92DE12
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Contas Médicas

Page URL History Show full URLs

  1. https://www.contasmedicas.com/ HTTP 302
    https://www.contasmedicas.com/web HTTP 301
    https://www.contasmedicas.com/web/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+foundation[^>"]+css/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

34
Requests

97 %
HTTPS

80 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

548 kB
Transfer

1593 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.contasmedicas.com/ HTTP 302
    https://www.contasmedicas.com/web HTTP 301
    https://www.contasmedicas.com/web/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.contasmedicas.com/web/
Redirect Chain
  • https://www.contasmedicas.com/
  • https://www.contasmedicas.com/web
  • https://www.contasmedicas.com/web/
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.contasmedicas.com/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
177.101.144.123 , Brazil, ASN262790 (Central Server Informatica Ltda, BR),
Reverse DNS
www0021.centralserver.com.br
Software
nginx / PHP/5.6.40 PleskLin
Resource Hash
b41fcbfa6189cd39af960bde2010dc569157feeb46f3c62bd444ab9313231552

Request headers

:method
GET
:authority
www.contasmedicas.com
:scheme
https
:path
/web/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

server
nginx
date
Wed, 25 Aug 2021 15:32:58 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/5.6.40 PleskLin
content-encoding
br

Redirect headers

server
nginx
date
Wed, 25 Aug 2021 15:32:57 GMT
content-type
text/html; charset=iso-8859-1
content-length
242
location
https://www.contasmedicas.com/web/
x-powered-by
PleskLin
foundation.css
www.contasmedicas.com/web/css/ 		184 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.contasmedicas.com/web/css/foundation.css
Requested by
Host: www.contasmedicas.com
URL: https://www.contasmedicas.com/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
177.101.144.123 , Brazil, ASN262790 (Central Server Informatica Ltda, BR),
Reverse DNS
www0021.centralserver.com.br
Software
nginx / PleskLin
Resource Hash
f5bc2c1d679f9740952be19e7b1b80c6b0baa723a2c4b98fddcc398954768113

Request headers

:path
/web/css/foundation.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.contasmedicas.com
referer
https://www.contasmedicas.com/web/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.contasmedicas.com/web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 15:32:58 GMT
content-encoding
br
etag
W/"55c91ea0-2de39"
last-modified
Mon, 10 Aug 2015 21:58:56 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
webicons.css
www.contasmedicas.com/web/css/ 		27 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.contasmedicas.com/web/css/webicons.css
Requested by
Host: www.contasmedicas.com
URL: https://www.contasmedicas.com/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
177.101.144.123 , Brazil, ASN262790 (Central Server Informatica Ltda, BR),
Reverse DNS
www0021.centralserver.com.br
Software
nginx / PleskLin
Resource Hash
c7d2b827a6be41d0a0e1bd694bf1a6ef7afc136475d52d7adc2c5387c1fd423d

Request headers

:path
/web/css/webicons.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.contasmedicas.com
referer
https://www.contasmedicas.com/web/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.contasmedicas.com/web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 15:32:58 GMT
content-encoding
br
etag
W/"55c91e9d-6bf7"
last-modified
Mon, 10 Aug 2015 21:58:53 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
modernizr.js
www.contasmedicas.com/web/js/vendor/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contasmedicas.com/web/js/vendor/modernizr.js
Requested by
Host: www.contasmedicas.com
URL: https://www.contasmedicas.com/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
177.101.144.123 , Brazil, ASN262790 (Central Server Informatica Ltda, BR),
Reverse DNS
www0021.centralserver.com.br
Software
nginx / PleskLin
Resource Hash
5447e08f370416d37f951327be656b3a2e077a132757d1aa890ddcf9fafe6c6c

Request headers

:path
/web/js/vendor/modernizr.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.contasmedicas.com
referer
https://www.contasmedicas.com/web/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.contasmedicas.com/web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 15:32:58 GMT
content-encoding
br
etag
W/"55c91efd-2c06"
last-modified
Mon, 10 Aug 2015 22:00:29 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
jquery.maskedinput.js
www.contasmedicas.com/web/js/vendor/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contasmedicas.com/web/js/vendor/jquery.maskedinput.js
Requested by
Host: www.contasmedicas.com
URL: https://www.contasmedicas.com/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
177.101.144.123 , Brazil, ASN262790 (Central Server Informatica Ltda, BR),
Reverse DNS
www0021.centralserver.com.br
Software
nginx /
Resource Hash

Request headers

:path
/web/js/vendor/jquery.maskedinput.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.contasmedicas.com
referer
https://www.contasmedicas.com/web/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.contasmedicas.com/web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 15:32:58 GMT
content-encoding
br
server
nginx
content-type
text/html; charset=iso-8859-1
logo-contas-medicas.png
www.contasmedicas.com/web/img/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contasmedicas.com/web/img/logo-contas-medicas.png
Requested by
Host: www.contasmedicas.com
URL: https://www.contasmedicas.com/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
177.101.144.123 , Brazil, ASN262790 (Central Server Informatica Ltda, BR),
Reverse DNS
www0021.centralserver.com.br
Software
nginx / PleskLin
Resource Hash
7df736f867000f402afe16904ccc732c6863f45660975a0e81e3adf69e536c59

Request headers

:path
/web/img/logo-contas-medicas.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.contasmedicas.com
referer
https://www.contasmedicas.com/web/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.contasmedicas.com/web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 15:32:59 GMT
last-modified
Mon, 10 Aug 2015 22:04:34 GMT
server
nginx
x-powered-by
PleskLin
etag
"55c91ff2-48c2"
content-type
image/png
accept-ranges
bytes
content-length
18626
logo-contas-medicas-txt.png
www.contasmedicas.com/web/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contasmedicas.com/web/img/logo-contas-medicas-txt.png
Requested by
Host: www.contasmedicas.com
URL: https://www.contasmedicas.com/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
177.101.144.123 , Brazil, ASN262790 (Central Server Informatica Ltda, BR),
Reverse DNS
www0021.centralserver.com.br
Software
nginx / PleskLin
Resource Hash
9baaf9c2597705ec948424eaf0670c061403b8fe213fccb4f6a58724346d6eee

Request headers

:path
/web/img/logo-contas-medicas-txt.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.contasmedicas.com
referer
https://www.contasmedicas.com/web/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.contasmedicas.com/web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 15:32:59 GMT
last-modified
Mon, 10 Aug 2015 22:04:34 GMT
server
nginx
x-powered-by
PleskLin
etag
"55c91ff2-216f"
content-type
image/png
accept-ranges
bytes
content-length
8559
BANNER-20150827-032439.jpg
www.contasmedicas.com/upload/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contasmedicas.com/upload/BANNER-20150827-032439.jpg
Requested by
Host: www.contasmedicas.com
URL: https://www.contasmedicas.com/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
177.101.144.123 , Brazil, ASN262790 (Central Server Informatica Ltda, BR),
Reverse DNS
www0021.centralserver.com.br
Software
nginx / PleskLin
Resource Hash
9c4c179e5c0add5e889da02d4006bb259b196ec7a4cbe12a3061d716505746ad

Request headers

:path
/upload/BANNER-20150827-032439.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.contasmedicas.com
referer
https://www.contasmedicas.com/web/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.contasmedicas.com/web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 15:32:59 GMT
last-modified
Thu, 27 Aug 2015 06:24:39 GMT
server
nginx
x-powered-by
PleskLin
etag
"55dead27-105c3"
content-type
image/jpeg
accept-ranges
bytes
content-length
67011
logo-contas-medicas-dark.png
www.contasmedicas.com/web/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contasmedicas.com/web/img/logo-contas-medicas-dark.png
Requested by
Host: www.contasmedicas.com
URL: https://www.contasmedicas.com/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
177.101.144.123 , Brazil, ASN262790 (Central Server Informatica Ltda, BR),
Reverse DNS
www0021.centralserver.com.br
Software
nginx / PleskLin
Resource Hash
5aade2cc550eb6f5279cd8c9522c2468515ecc3e0b3836f98535ca58af38943b

Request headers

:path
/web/img/logo-contas-medicas-dark.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.contasmedicas.com
referer
https://www.contasmedicas.com/web/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.contasmedicas.com/web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 15:32:59 GMT
last-modified
Mon, 10 Aug 2015 22:00:31 GMT
server
nginx
x-powered-by
PleskLin
etag
"55c91eff-4d3e"
content-type
image/png
accept-ranges
bytes
content-length
19774
jquery.js
www.contasmedicas.com/web/js/vendor/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contasmedicas.com/web/js/vendor/jquery.js
Requested by
Host: www.contasmedicas.com
URL: https://www.contasmedicas.com/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
177.101.144.123 , Brazil, ASN262790 (Central Server Informatica Ltda, BR),
Reverse DNS
www0021.centralserver.com.br
Software
nginx / PleskLin
Resource Hash
7656e3347ce0b203db1b7a7ecba9b8fc21b920aec2f5b220de2bfb58a669d5f4

Request headers

:path
/web/js/vendor/jquery.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.contasmedicas.com
referer
https://www.contasmedicas.com/web/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.contasmedicas.com/web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 15:32:58 GMT
content-encoding
br
etag
W/"55c91f01-14aa7"
last-modified
Mon, 10 Aug 2015 22:00:33 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
foundation.min.js
www.contasmedicas.com/web/js/ 		188 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contasmedicas.com/web/js/foundation.min.js
Requested by
Host: www.contasmedicas.com
URL: https://www.contasmedicas.com/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
177.101.144.123 , Brazil, ASN262790 (Central Server Informatica Ltda, BR),
Reverse DNS
www0021.centralserver.com.br
Software
nginx / PleskLin
Resource Hash
7407b2f074e07089b4f70066689fa3d2c314b19e534610e9ad368f8d3cf322f0

Request headers

:path
/web/js/foundation.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.contasmedicas.com
referer
https://www.contasmedicas.com/web/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.contasmedicas.com/web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 15:32:58 GMT
content-encoding
br
etag
W/"55c91f04-2f11d"
last-modified
Mon, 10 Aug 2015 22:00:36 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
css
fonts.googleapis.com/ 		0
0
jquery.maskedinput.js
www.contasmedicas.com/web/js/vendor/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contasmedicas.com/web/js/vendor/jquery.maskedinput.js
Requested by
Host: www.contasmedicas.com
URL: https://www.contasmedicas.com/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
177.101.144.123 , Brazil, ASN262790 (Central Server Informatica Ltda, BR),
Reverse DNS
www0021.centralserver.com.br
Software
nginx /
Resource Hash

Request headers

:path
/web/js/vendor/jquery.maskedinput.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.contasmedicas.com
referer
https://www.contasmedicas.com/web/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.contasmedicas.com/web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 15:32:58 GMT
content-encoding
br
server
nginx
content-type
text/html; charset=iso-8859-1
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.contasmedicas.com
URL: https://www.contasmedicas.com/web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.contasmedicas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6990
date
Wed, 25 Aug 2021 13:36:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 25 Aug 2021 15:36:32 GMT
sdk.js
connect.facebook.net/pt_BR/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: www.contasmedicas.com
URL: https://www.contasmedicas.com/web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb19d8f8f12311e4e2e95df6ad7c0c2807ddadbc41f45a0d5790163a04557edc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.contasmedicas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
PuHgaziOzECp0fBRjF1Opg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
ZH5WIkTazKXjy6giuwE1/Fs185Zdibg8dk3uemxA7SvpCaeOA56a+xZ7AweuqH1nbY+248t4J6OAkR55bydSFg==
x-fb-trip-id
686109401
x-fb-content-md5
0bb79e4f8f16645a3bb90b118a61286f
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 25 Aug 2021 15:33:02 GMT
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"86c5e64d6ae621c7f07943dae7b0d4d9"
timing-allow-origin
*
expires
Wed, 25 Aug 2021 15:47:26 GMT
bg-cinza.gif
www.contasmedicas.com/web/img/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contasmedicas.com/web/img/bg-cinza.gif
Requested by
Host: www.contasmedicas.com
URL: https://www.contasmedicas.com/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
177.101.144.123 , Brazil, ASN262790 (Central Server Informatica Ltda, BR),
Reverse DNS
www0021.centralserver.com.br
Software
nginx / PleskLin
Resource Hash
f85aebcd5edb9955aeca61942e4df21ae60bc16341c559e1637dd8c577f8bd3f

Request headers

:path
/web/img/bg-cinza.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.contasmedicas.com
referer
https://www.contasmedicas.com/web/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.contasmedicas.com/web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 15:32:59 GMT
last-modified
Mon, 10 Aug 2015 22:00:30 GMT
server
nginx
x-powered-by
PleskLin
etag
"55c91efe-a4a3"
content-type
image/gif
accept-ranges
bytes
content-length
42147
whatsapp-button.js
www.contasmedicas.com/web/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contasmedicas.com/web/js/whatsapp-button.js
Requested by
Host: www.contasmedicas.com
URL: https://www.contasmedicas.com/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
177.101.144.123 , Brazil, ASN262790 (Central Server Informatica Ltda, BR),
Reverse DNS
www0021.centralserver.com.br
Software
nginx /
Resource Hash

Request headers

:path
/web/js/whatsapp-button.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.contasmedicas.com
referer
https://www.contasmedicas.com/web/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.contasmedicas.com/web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 15:32:59 GMT
content-encoding
br
server
nginx
content-type
text/html; charset=iso-8859-1
sdk.js
connect.facebook.net/pt_BR/ 		230 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js?hash=30f64cdf8c5c329ee390ff6971c764e4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
524178473ab2574174c63c4d589322d5ae8c03c7db04e11332292d78be52eaf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.contasmedicas.com
Referer
https://www.contasmedicas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
9Iigs+Lp2911bUzqLQro3Q==
cross-origin-resource-policy
cross-origin
expires
Thu, 25 Aug 2022 14:35:10 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
68323
x-fb-rlafr
0
x-fb-debug
pRg0cwVy9Fnu+2TOLC0san+koAMOSS7LSisuB/ekxVMsZ1bHzTz1qsGUAA3ZEEWXjfw5uQ1T2K+7GErxNFatEw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
22c9c810797a4b0f43dab24389762dc8
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 25 Aug 2021 15:33:02 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"c87b72b9785ef32d7cf15b1a0761e3ee"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=938454361&t=pageview&_s=1&dl=https%3A%2F%2Fwww.contasmedicas.com%2Fweb%2F&ul=en-us&de=UTF-8&dt=Contas%20M%C3%A9dicas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1564183250&gjid=190258627&cid=281513857.1629905582&tid=UA-2431818-37&_gid=196427007.1629905582&_r=1&_slc=1&z=1781439434
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.contasmedicas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Aug 2021 15:33:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.contasmedicas.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-2431818-37&cid=281513857.1629905582&jid=1564183250&gjid=190258627&_gid=196427007.1629905582&_u=IEBAAEAAAAAAAC~&z=110029218
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.contasmedicas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 25 Aug 2021 15:33:02 GMT
content-type
text/plain
access-control-allow-origin
https://www.contasmedicas.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
like_box.php
www.facebook.com/v2.2/plugins/ Frame DD4B 		54 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=30f64cdf8c5c329ee390ff6971c764e4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4ec4dc60c06947c8287da0503318c888bac556f4151f3dc334621c524587e160
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.contasmedicas.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.contasmedicas.com/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v4.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
5/zcb584/0hxGZMeGtNQA9o5xd2LnKU+RPTeP72bm3tJymmHwWrkrubSZ3jc0A4vIqs1rY1M4MgYBxK+YhKAEg==
date
Wed, 25 Aug 2021 15:33:02 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
mfC2OG_LE3E.css
www.facebook.com/rsrc.php/v3/yN/l/0,cross/ Frame DD4B 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yN/l/0,cross/mfC2OG_LE3E.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
46de4480cf1dc22dc2aacd66fa5ed3fc23ba51f55bc33e29c0d055fab25b636b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 18:28:24 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ysQW+PeQIuOly1HQ+cpa4A==
content-security-policy-report-only
default-src data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
cross-origin-resource-policy
cross-origin
content-length
4675
x-fb-rlafr
0
x-fb-debug
TKHDnT6f2zHSPxa7tNN+tTljpx4H2O/lrw+QcJRnn0ucaxc7EvmorUtECVVBVgEwieR5CNeh7JsYlhiYwOuF2w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 23 Aug 2022 18:28:24 GMT
FPdNN1TK3wJ.css
www.facebook.com/rsrc.php/v3/yF/l/0,cross/ Frame DD4B 		2 KB
868 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yF/l/0,cross/FPdNN1TK3wJ.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 18:38:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qki4Wy05mlz5CwH9oqDKag==
content-security-policy-report-only
default-src data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
cross-origin-resource-policy
cross-origin
content-length
815
x-fb-rlafr
0
x-fb-debug
7aWymxso/LWho3vfU7o81N0RMtv40Iv6EMT1xCgThhqQPAsHUJu0qyZhaFSj3S6fCjBQhYqq1K/xmw6XMUJLLw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 20 Aug 2022 18:38:59 GMT
TQk8XhjBwGQ.js
www.facebook.com/rsrc.php/v3/y0/r/ Frame DD4B 		299 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y0/r/TQk8XhjBwGQ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1a73b108af18b18d11aa45d4379123a01a66097b1bde9d6e9a136a5ff99519db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 05:51:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
MhINquIrPT/2fv4YfXoUgw==
content-security-policy-report-only
default-src data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
content-length
83048
x-fb-rlafr
0
x-fb-debug
CttqxzHSHbE05OArcZu9KwJFWb9lvEY7I2PruezOevhrCvskV9utO2lMkpY12dS5SXfKQsgHu270wuK4WdYPhQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 25 Aug 2022 05:51:00 GMT
GG1Y0sYc7My.js
www.facebook.com/rsrc.php/v3/yv/r/ Frame DD4B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 18:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kw22OIA6eDgOltzbJdNVmQ==
content-security-policy-report-only
default-src data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.xx.facebook.com/csp/reporting/;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
content-length
1640
x-fb-rlafr
0
x-fb-debug
520sRb6RsnBD9IwAipErV1aCBpXRwT8O1mZTn4dxSFMqw80keEH/Q9k/XwB35M6c8uKSrP4YxGclguj2JAs/oQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 18 Aug 2022 18:46:04 GMT
odf7Yq7Pd4A.js
www.facebook.com/rsrc.php/v3/yO/r/ Frame DD4B 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yO/r/odf7Yq7Pd4A.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7fa6cc8a9a258065bf0ff024882381347e06c6bac4b32519dbba87bb8507d68e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 18:16:29 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5HIjlo+1XaAZZHaVoZgeDA==
content-security-policy-report-only
default-src data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
cross-origin-resource-policy
cross-origin
content-length
13253
x-fb-rlafr
0
x-fb-debug
cEC1UWwC0NVkZhVooaEV7FzmE4l7yN0WhhZicZpeD3QBumPr3Ewol2EWUFdJGig0XpnUeLJi/PHqqfpGQP7+1A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 18 Aug 2022 18:16:29 GMT
6jkSY5CyG40.js
www.facebook.com/rsrc.php/v3/yP/r/ Frame DD4B 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yP/r/6jkSY5CyG40.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8256af7126adafa86ab01b3ce4abd14ce36f6a4fd51a98860dd045626dce2f1f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 18:06:10 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QUtaP7jZI+Wvz4V2UZLIUQ==
content-security-policy-report-only
default-src data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
cross-origin-resource-policy
cross-origin
content-length
14940
x-fb-rlafr
0
x-fb-debug
yXIrG/pE4CrcSCph6QgJ7O+VrRiTUDv2EGqwdIIEOI0cUOkc8j/5cWdNNZJcjstCwtVetINEwwSVfVEpr4vvfQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 18 Aug 2022 18:06:10 GMT
Ne5x2plvsRz.js
www.facebook.com/rsrc.php/v3iM-F4/yS/l/pt_BR/ Frame DD4B 		83 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iM-F4/yS/l/pt_BR/Ne5x2plvsRz.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bebc4abe64dd5767c76d335cf607d5531f1c007d74a192394e99d1904846eb48
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:29:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
NK5Qkvk92Xk5XHOyvseZAw==
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/;
cross-origin-resource-policy
cross-origin
content-length
23232
x-fb-rlafr
0
x-fb-debug
U34w9tbn1C7RzOnvFsbAY1nIevOcYtbePTj5DOKHLGPY8LgTDO37AtLKEF+fo/C/xpM3oUuZWVuzcfQ7za2Z5w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 18 Aug 2022 17:29:12 GMT
ep5DIDuWZzO.js
www.facebook.com/rsrc.php/v3/yz/r/ Frame DD4B 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yz/r/ep5DIDuWZzO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
397e2efa0f2e3d146f3345321d1d0a14b539275b6002f87a81b11555f4d0de18
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 17:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
l5t6TNenKRgV7Ew5YHSRmw==
content-security-policy-report-only
default-src data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
cross-origin-resource-policy
cross-origin
content-length
7543
x-fb-rlafr
0
x-fb-debug
hzoT/hsnwL4hjpj65lMKUQtlGbKp7Er/kY5u7k88qp9isYUw7q00CrQ2eUWxf85pj6Dcdf2SA6xaMkoK6igJYg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 18 Aug 2022 17:25:53 GMT
10383010_1655138968051105_2524459829831694922_n.png
scontent.xx.fbcdn.net/v/t1.18169-9/p296x100/ Frame DD4B 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t1.18169-9/p296x100/10383010_1655138968051105_2524459829831694922_n.png?_nc_cat=101&ccb=1-5&_nc_sid=dd9801&_nc_ohc=cbZMwP7KfYUAX-D5GsO&_nc_ht=scontent.xx&edm=ACXs3PUEAAAA&oh=0b81adb287da3ef1a4cf9b2071c64744&oe=614A4F7A
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7493b7b4ce1a5d31f0f2241c6ebff6463b87ebf179a8799ef1ff5a6b54819ccd

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-haystack-needlechecksum
2202077228
date
Wed, 25 Aug 2021 15:33:02 GMT
x-fb-trip-id
686109401
last-modified
Wed, 13 May 2015 17:32:18 GMT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2736099352
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25351
11130163_1655138421384493_5459147366857883061_n.png
scontent.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/ Frame DD4B 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/11130163_1655138421384493_5459147366857883061_n.png?_nc_cat=110&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=YLIs6nMme48AX9gQStJ&_nc_ht=scontent.xx&oh=752db89d35afee6e1de6fd62debaf560&oe=614A1DE4
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f0e0da095765c86b14ec62ed8dc6ff35ad380692e3ba52cf7d8df34da0887083

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-haystack-needlechecksum
632396707
date
Wed, 25 Aug 2021 15:33:02 GMT
last-modified
Wed, 13 May 2015 17:29:46 GMT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4115636413
content-length
4301
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
mOcgOmDDSbN.png
www.facebook.com/rsrc.php/v3/yL/r/ Frame DD4B 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/yL/r/mOcgOmDDSbN.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yN/l/0,cross/mfC2OG_LE3E.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3dc936b3c6e476fbbbfea1c5d962f4bee0e3636450608357ffcf9e6e92e0d596
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/rsrc.php/v3/yN/l/0,cross/mfC2OG_LE3E.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-fb-debug
1wTut2FrE0ezdtEWtikG1UEjUBpg9gZ13w7FEbVxDfSXNg8P6yopwNq935OUBsAHrjeddPLlsaPZlvE9+lvrSQ==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
2bKr5oI1XogALo4o3p6kDA==
date
Tue, 24 Aug 2021 15:47:42 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;frame-src *.facebook.com fbsbx.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
1193
x-fb-rlafr
0
expires
Wed, 24 Aug 2022 15:47:42 GMT
4C_syl1U7Wa.js
www.facebook.com/rsrc.php/v3/yO/r/ Frame DD4B 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yO/r/4C_syl1U7Wa.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y0/r/TQk8XhjBwGQ.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d1e212ea47ffd958a12b76aad0c158e3846344e7476fe8755005df3b600ca16a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 18:35:06 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
i9TDFKLIRGRS2Q5knfv25g==
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;frame-src *.facebook.com fbsbx.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?m=c;
cross-origin-resource-policy
cross-origin
content-length
14314
x-fb-rlafr
0
x-fb-debug
34IVkC+rO8QuuXNa1XBaEc5G98sP2jJHwYLWHz8iJQSUo6HMWcswKJziYiqkVD/L/7fkvAi1rZCxSi8B1WY+YA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 22 Aug 2022 18:35:06 GMT
cN-N4Eu_deZ.js
www.facebook.com/rsrc.php/v3/yv/r/ Frame DD4B 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yv/r/cN-N4Eu_deZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y0/r/TQk8XhjBwGQ.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
095eceabca5358699a8efc64f4e44b27576d45c2ab864f1f50c3401676f9a827
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v2.2/plugins/like_box.php?app_id=433571066797334&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fceb51e06173%26domain%3Dwww.contasmedicas.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.contasmedicas.com%252Ff35e7ba9a0283d%26relation%3Dparent.parent&color_scheme=dark&container_width=303&header=false&height=185&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FContas-M%25C3%25A9dicas%2F1605258013039201&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=287
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
XkHzn1WHKMxOAJmWI3FJ7A==
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net;frame-src *.facebook.com fbsbx.com;report-uri https://www.facebook.com/csp/reporting/?m=c;
cross-origin-resource-policy
cross-origin
content-length
2277
x-fb-rlafr
0
x-fb-debug
6VsbggWm5BEcRhsn1yT6craKDnHiGbOyISmWIXBsbqcC2jdW9ja3j0cUMcJD1F+Ggnh8VywB6Gbkjw2wcHNA6w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 12 Aug 2022 05:30:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Ruda:400,700,900

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| html5 object| Modernizr string| GoogleAnalyticsObject function| ga function| fbAsyncInit function| $ function| jQuery object| Foundation object| doc number| wabtn4fg object| h object| s object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData

3 Cookies

Domain/Path Name / Value
.contasmedicas.com/ Name: _gat
Value: 1
.contasmedicas.com/ Name: _gid
Value: GA1.2.196427007.1629905582
.contasmedicas.com/ Name: _ga
Value: GA1.2.281513857.1629905582

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
scontent.xx.fbcdn.net
stats.g.doubleclick.net
www.contasmedicas.com
www.facebook.com
www.google-analytics.com
fonts.googleapis.com
177.101.144.123
2a00:1450:4001:800::200e
2a00:1450:400c:c00::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
095eceabca5358699a8efc64f4e44b27576d45c2ab864f1f50c3401676f9a827
1a73b108af18b18d11aa45d4379123a01a66097b1bde9d6e9a136a5ff99519db
39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77
397e2efa0f2e3d146f3345321d1d0a14b539275b6002f87a81b11555f4d0de18
3dc936b3c6e476fbbbfea1c5d962f4bee0e3636450608357ffcf9e6e92e0d596
46de4480cf1dc22dc2aacd66fa5ed3fc23ba51f55bc33e29c0d055fab25b636b
4ec4dc60c06947c8287da0503318c888bac556f4151f3dc334621c524587e160
524178473ab2574174c63c4d589322d5ae8c03c7db04e11332292d78be52eaf1
5447e08f370416d37f951327be656b3a2e077a132757d1aa890ddcf9fafe6c6c
5aade2cc550eb6f5279cd8c9522c2468515ecc3e0b3836f98535ca58af38943b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7407b2f074e07089b4f70066689fa3d2c314b19e534610e9ad368f8d3cf322f0
7493b7b4ce1a5d31f0f2241c6ebff6463b87ebf179a8799ef1ff5a6b54819ccd
7656e3347ce0b203db1b7a7ecba9b8fc21b920aec2f5b220de2bfb58a669d5f4
7df736f867000f402afe16904ccc732c6863f45660975a0e81e3adf69e536c59
7fa6cc8a9a258065bf0ff024882381347e06c6bac4b32519dbba87bb8507d68e
8256af7126adafa86ab01b3ce4abd14ce36f6a4fd51a98860dd045626dce2f1f
9baaf9c2597705ec948424eaf0670c061403b8fe213fccb4f6a58724346d6eee
9c4c179e5c0add5e889da02d4006bb259b196ec7a4cbe12a3061d716505746ad
a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b41fcbfa6189cd39af960bde2010dc569157feeb46f3c62bd444ab9313231552
bebc4abe64dd5767c76d335cf607d5531f1c007d74a192394e99d1904846eb48
c7d2b827a6be41d0a0e1bd694bf1a6ef7afc136475d52d7adc2c5387c1fd423d
cb19d8f8f12311e4e2e95df6ad7c0c2807ddadbc41f45a0d5790163a04557edc
d1e212ea47ffd958a12b76aad0c158e3846344e7476fe8755005df3b600ca16a
f0e0da095765c86b14ec62ed8dc6ff35ad380692e3ba52cf7d8df34da0887083
f5bc2c1d679f9740952be19e7b1b80c6b0baa723a2c4b98fddcc398954768113
f85aebcd5edb9955aeca61942e4df21ae60bc16341c559e1637dd8c577f8bd3f
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62