medicoresponde.com.br Open in urlscan Pro
51.81.102.148 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://medicoresponde.com.br/
Effective URL:
https://medicoresponde.com.br/
Submission: On March 02 via api (March 2nd 2023, 8:30:46 am UTC) from US — Scanned from DE

Summary HTTP 96 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 15 domains to perform 96 HTTP transactions. The main IP is 51.81.102.148, located in New York, United States and belongs to OVH, FR. The main domain is medicoresponde.com.br.
TLS certificate: Issued by R3 on February 26th 2023. Valid for: 3 months.

This is the only time medicoresponde.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	51.81.102.148 51.81.102.148	16276 (OVH) (OVH)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	195.70.1.181 195.70.1.181	12333 (DFINET Ge...) (DFINET Geneva)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	167.114.90.133 167.114.90.133	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
2 3	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::200e	15169 (GOOGLE) (GOOGLE)
2	158.69.248.161 158.69.248.161	16276 (OVH) (OVH)
14	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3 6	142.251.39.66 142.251.39.66	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.253.161.49 34.253.161.49	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:fc00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f18:1ac... 2600:1f18:1aca:4282:d50a:6f81:789a:da23	14618 (AMAZON-AES) (AMAZON-AES)
96	28

20 51.81.102.148 (New York, United States)

ASN16276 (OVH, FR)
PTR: ip148.ip-51-81-102.us

medicoresponde.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.medicoresponde.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.70.1.181 (Plan-les-Ouates, Switzerland)

ASN12333 (DFINET Geneva, Switzerland, CH)
PTR: 181.1.70.195.rev.dfinet.net

www.honcode.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.114.90.133 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip133.ip-167-114-90.net

eu.7gra.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2001 (Ireland)

ASN15169 (GOOGLE, US)

1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7eaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 158.69.248.161 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns542920.ip-158-69-248.net

7gra.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.39.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.83.142.19 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.161.49 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-161-49.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:fc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:1aca:4282:d50a:6f81:789a:da23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googlesyndication.com 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	131 KB
20	medicoresponde.com.br medicoresponde.com.br static.medicoresponde.com.br	279 KB
15	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319	203 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	117 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 748 static.adsafeprotected.com — Cisco Umbrella Rank: 573 dt.adsafeprotected.com — Cisco Umbrella Rank: 539	98 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 73 ampcid.google.com — Cisco Umbrella Rank: 2216 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531	3 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 8947 ampcid.google.de — Cisco Umbrella Rank: 66651 www.google.de — Cisco Umbrella Rank: 6149	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	3 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 761	3 KB
3	7gra.us eu.7gra.us — Cisco Umbrella Rank: 149987 7gra.us — Cisco Umbrella Rank: 85086	7 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	49 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	47 KB
1	honcode.ch www.honcode.ch — Cisco Umbrella Rank: 26472	2 KB
96	15

	Domain	Requested by
15	static.medicoresponde.com.br	medicoresponde.com.br static.medicoresponde.com.br
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net
9	s0.2mdn.net	medicoresponde.com.br s0.2mdn.net 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
5	dt.adsafeprotected.com	1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	securepubads.g.doubleclick.net	medicoresponde.com.br securepubads.g.doubleclick.net
5	medicoresponde.com.br	medicoresponde.com.br
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	tpc.googlesyndication.com
3	unpkg.com	2 redirects medicoresponde.com.br
2	static.adsafeprotected.com	1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	medicoresponde.com.br
2	fw.adsafeprotected.com	1 redirects medicoresponde.com.br
2	googleads.g.doubleclick.net	1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com pagead2.googlesyndication.com
2	www.google.de
2	stats.g.doubleclick.net	www.google-analytics.com
2	7gra.us	medicoresponde.com.br static.medicoresponde.com.br
2	1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.googletagservices.com	1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	eu.7gra.us	medicoresponde.com.br
1	www.googletagmanager.com	medicoresponde.com.br
1	www.honcode.ch	medicoresponde.com.br
96	29

This site contains links to these domains. Also see Links.

Domain
www.healthonnet.org

Subject Issuer	Validity	Valid
medicoresponde.com.br R3	`2023-02-26` - `2023-05-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.honcode.ch Thawte RSA CA 2018	`2022-11-18` - `2023-12-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
eu.7gra.us R3	`2023-02-14` - `2023-05-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
7gra.us R3	`2023-01-24` - `2023-04-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-02-10` - `2023-05-27`	4 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-01` - `2023-05-08`	2 months	crt.sh

This page contains 9 frames:

Primary Page: https://medicoresponde.com.br/
Frame ID: D6BBE3F03333A2E37A172A858C0678D4
Requests: 49 HTTP requests in this frame

Frame: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6B67738449D4D114E9E0BEB8B6E9B346
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 44A9872057BBD258EB97EA7967B52566
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5DED0F7011CB94F359A7CCBE269C669A
Requests: 2 HTTP requests in this frame

Frame: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E5ACB881828A980F8D87F09EBCF38E6A
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgvTNxQEwAQ&v=APEucNWdcQI3dl9ra8S3apC6elhnN9oxiU5afeOmrQjAeLXIH1TMbv6dKcPRvCTa2rMIzOWDCWx14rppbF202obr_KIcAePIoQvoQpTx7Eo_pQQUY3ai4hyxgrdtqGDOn_N9oCLc5651c4O19isjWFzRrJval24BsSwaGYDrE-XilhwmxTfjyXg
Frame ID: 0B57D963244A31C49F366817D7541AC5
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B60D9CD3E0C5D38CBFBF2DB8407B0350
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17425118478164857034/index.html
Frame ID: 424207A8FEEE4BAB7258F3B039729193
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A53740623241D5C534848F6DCEE747A4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Médico Responde

Page URL History Show full URLs

http://medicoresponde.com.br/ HTTP 307
https://medicoresponde.com.br/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

96
Requests

94 %
HTTPS

70 %
IPv6

15
Domains

29
Subdomains

28
IPs

6
Countries

962 kB
Transfer

2326 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.healthonnet.org/HONcode/Portuguese/?HONConduct838342

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://medicoresponde.com.br/ HTTP 307
https://medicoresponde.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://unpkg.com/web-vitals HTTP 302
https://unpkg.com/web-vitals@3.1.1 HTTP 302
https://unpkg.com/web-vitals@3.1.1/dist/web-vitals.iife.js

Request Chain 64

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGsC6pD2HEdwtQnJx0zo1gk&google_cver=1

Request Chain 65

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZABesdyxFh5M0c0llj4lIgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGsC6pD2HEdwtQnJx0zo1gk&google_cver=1

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPNduU04GS9oAIDzkKWFHZg&google_cver=1

Request Chain 67

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk1NTMwOTM1MTkyMTQyNDY4Nw%3D%3D

Request Chain 79

https://fw.adsafeprotected.com/rfw/st/990511/61634099/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-9298862887854366&ias_chanId=1&ias_placementId=19429528483&bidurl=https://medicoresponde.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h_4LSSfCWzD7t_qufQ-D0G&adContainerId=brand_safety_sV4AZP-pJPTe7gPt26vYDQ&cbFunctionName=goog_wrapCb_sV4AZP-pJPTe7gPt26vYDQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fmedicoresponde.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fmedicoresponde.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:2c607c18-bd32-af88-2a94-8abe9748b4c6,c:5GU6yP,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-65fb65bbbb-6tr2d,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:txkKzy0+11%7C12%7C13%7C14*.990511-61634099%7C141%7C1421%7C143,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:16,oid:84b8e2da-b8d4-11ed-a28e-36ec2c748384,v:19.8.397,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

96 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
medicoresponde.com.br/
Redirect Chain

http://medicoresponde.com.br/
https://medicoresponde.com.br/

61 KB
13 KB

874ms
200ms

Document
text/html

51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

4a4037af9a1227880cfacc5eacdfdda56ccfe6966b5f36a4fed2300ff1afde97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=21600
content-encoding: gzip
content-length: 13200
content-type: text/html; charset=UTF-8
date: Thu, 02 Mar 2023 08:30:40 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://medicoresponde.com.br/
Non-Authoritative-Reason: HSTS

GET
H2 200 frontoffice.160.css
static.medicoresponde.com.br/assets/ 54 KB
10 KB 154ms
102ms Stylesheet
text/css 51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.medicoresponde.com.br/assets/frontoffice.160.css

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

bc30bc3a9e0e6e993ddef29be946b2ab7bf1f13155760424ffaf44d8d38be4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Mon, 02 May 2022 10:26:06 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
x-server: US.A
accept-ranges: bytes
content-length: 9831
expires: Fri, 01 Mar 2024 08:30:40 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
27 KB 80ms
29ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07861610ebc45cb7e014b89030d93738b2c6bf0265727690157e90023c9e070b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26758
x-xss-protection: 0
server: sffe
etag: "1498 / 319 of 1000 / last-modified: 1677712017"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Mar 2023 08:30:40 GMT

GET
H2 200 frontoffice.160.js Show response
static.medicoresponde.com.br/assets/ 29 KB
10 KB 102ms
101ms Script
text/javascript 51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.medicoresponde.com.br/assets/frontoffice.160.js

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

16a3e62773565c575834c23a737a971202289a5d1ba2ee7d4b1a2ad4d3ec08b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Wed, 27 Apr 2022 14:17:55 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000
x-server: US.A
accept-ranges: bytes
content-length: 10143
expires: Fri, 01 Mar 2024 08:30:40 GMT

GET
H2 200 logo.png
static.medicoresponde.com.br/assets/img/ 364 B
619 B 101ms
101ms Image
image/png 51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/assets/img/logo.png

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

1345f3df5720f4ab65e32448ff9c79cef04cbe582e260bf6440ccf72cb45b0be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 14:17:55 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000
x-server: US.A
accept-ranges: bytes
content-length: 364
expires: Sat, 01 Apr 2023 08:30:40 GMT

GET
H2 200 dra-rafaella-ericksson_original-60x60.jpg
static.medicoresponde.com.br/upload/user/ 1 KB
2 KB 104ms
101ms Image
image/jpeg 51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/upload/user/dra-rafaella-ericksson_original-60x60.jpg

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

8d2e326871113a6631199980b6f692da3153f2908a923d16cb1237321bdbba1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 14:17:56 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-server: US.A
accept-ranges: bytes
content-length: 1433
expires: Sat, 01 Apr 2023 08:30:40 GMT

GET
H2 200 dra-janyele-sales_original-60x60.jpg
static.medicoresponde.com.br/upload/user/ 2 KB
2 KB 104ms
102ms Image
image/jpeg 51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/upload/user/dra-janyele-sales_original-60x60.jpg

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

8df7f56342424e63dd92744bb8742e1815a0e78bdb395676924bd49f8be49c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 14:17:56 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-server: US.A
accept-ranges: bytes
content-length: 1581
expires: Sat, 01 Apr 2023 08:30:40 GMT

GET
H2 200 nicolegeovana-60x60.jpg
static.medicoresponde.com.br/upload/user/ 3 KB
3 KB 204ms
201ms Image
image/jpeg 51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/upload/user/nicolegeovana-60x60.jpg

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

bef775f255ade6bac5ad4e4cba1ca6d7f3b286b76accebd475aaed1af6ec5cfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 14:17:56 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-server: US.A
accept-ranges: bytes
content-length: 2979
expires: Sat, 01 Apr 2023 08:30:40 GMT

GET
H2 200 top_left.jpg
medicoresponde.com.br/assets/img/h/ 27 KB
28 KB 104ms
102ms Image
image/jpeg 51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medicoresponde.com.br/assets/img/h/top_left.jpg

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

1667349b051ad404e45fa4bd7ed6c1364e16c88610cab2f2e2365ce1cbb54a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 14:17:55 GMT
server: nginx
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27969

GET
H2 200 top_right.jpg
medicoresponde.com.br/assets/img/h/ 7 KB
7 KB 135ms
133ms Image
image/jpeg 51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medicoresponde.com.br/assets/img/h/top_right.jpg

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

4474e7afa6f1ee42a8257c9bd3e6b7ca1b4023e92aadc3e103577097bf5baa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 14:17:55 GMT
server: nginx
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7372

GET
H2 200 bott_left.jpg
medicoresponde.com.br/assets/img/h/ 22 KB
22 KB 203ms
201ms Image
image/jpeg 51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medicoresponde.com.br/assets/img/h/bott_left.jpg

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

a914d8660b651ae1a80383979c351b679b4a11bc330467b09ccfd7fb7db4e95d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 14:17:55 GMT
server: nginx
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 22690

GET
H2 200 bott_right.jpg
medicoresponde.com.br/assets/img/h/ 13 KB
13 KB 202ms
200ms Image
image/jpeg 51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medicoresponde.com.br/assets/img/h/bott_right.jpg

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

9e0a47a608b4ac1de5c3a11c4aa41ca80cb0dd820b050e7f8c7c6da3c897ac7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 14:17:55 GMT
server: nginx
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13351

GET
H2 200 HONConduct838342_s.gif
www.honcode.ch/HONcode/Seal/ 2 KB
2 KB 269ms
19ms Image
image/gif 195.70.1.181
DFINET Geneva

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.honcode.ch/HONcode/Seal/HONConduct838342_s.gif
Requested by: Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.70.1.181 Plan-les-Ouates, Switzerland, ASN12333 (DFINET Geneva, Switzerland, CH),
Reverse DNS: 181.1.70.195.rev.dfinet.net
Software: nginx /
Resource Hash: d094dd35621b1528eb3847231a675903cc626fa9474d6bb13cf87ee0cd708939

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
last-modified: Wed, 06 Mar 2019 22:49:54 GMT
server: nginx
accept-ranges: bytes
etag: "5c804e92-8c4"
content-length: 2244
content-type: image/gif

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 122 KB
47 KB 62ms
26ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NSZP4N6

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa40cbf948df229f54bc07b7071c6c3dbe55590fa93f6795971abb751b182cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47656
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Mar 2023 08:30:40 GMT

GET
H2 200 pubads_impl_2023022801.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072760

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccd9121a14b7d9a66e942de02634cb4058f3b8faa32ae268a14fb6a8fe301d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 15:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132270
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 09:36:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 28 Feb 2024 15:57:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 110 B
102 B 74ms
47ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=medicoresponde.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

168bd9b3d1f15a5a64140cb1eec7197eda3d7d9b266c98bb1f50d0091fa473b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
x-xss-protection: 0
expires: Thu, 02 Mar 2023 08:30:40 GMT

GET
H2 200 / Show response
eu.7gra.us/ 1 B
208 B 338ms
99ms XHR
text/plain 167.114.90.133
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.7gra.us/
Requested by: Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.114.90.133 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip133.ip-167-114-90.net
Software: nginx /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-credentials: true
content-length: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hero.jpg
static.medicoresponde.com.br/assets/img/h/ 36 KB
36 KB 200ms
200ms Image
image/jpeg 51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/assets/img/h/hero.jpg

Requested by

Host: static.medicoresponde.com.br
URL: https://static.medicoresponde.com.br/assets/frontoffice.160.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

96f4d0062b00f92410ea7eee929c29346b50e956793f8b2abe31ee3cfd5ff79f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.medicoresponde.com.br/assets/frontoffice.160.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 14:17:55 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-server: US.A
accept-ranges: bytes
content-length: 36820
expires: Sat, 01 Apr 2023 08:30:40 GMT

GET
H2 200 source-sans-pro-700.woff2
static.medicoresponde.com.br/assets/fonts/ 14 KB
14 KB 399ms
195ms Font
font/woff2 51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.medicoresponde.com.br/assets/fonts/source-sans-pro-700.woff2

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

cfa9603baa93612a1b37809e9b2eba09a87ec42ad81ba6c532d2eac56cde5b85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://medicoresponde.com.br/
Origin: https://medicoresponde.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 14:17:55 GMT
server: nginx
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: US.A
accept-ranges: bytes
content-length: 14440
expires: Sat, 01 Apr 2023 08:30:40 GMT

GET
H2 200 source-sans-pro-regular.woff2
static.medicoresponde.com.br/assets/fonts/ 14 KB
15 KB 396ms
193ms Font
font/woff2 51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.medicoresponde.com.br/assets/fonts/source-sans-pro-regular.woff2

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

a769166be88381ff553dd898537609ee8a973c37bd5ba3890d6ea0bb7fc2a41c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://medicoresponde.com.br/
Origin: https://medicoresponde.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 14:17:55 GMT
server: nginx
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: US.A
accept-ranges: bytes
content-length: 14624
expires: Sat, 01 Apr 2023 08:30:40 GMT

GET
H2 200 mr.004.woff2
static.medicoresponde.com.br/assets/fonts/ 2 KB
2 KB 397ms
194ms Font
font/woff2 51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.medicoresponde.com.br/assets/fonts/mr.004.woff2

Requested by

Host: static.medicoresponde.com.br
URL: https://static.medicoresponde.com.br/assets/frontoffice.160.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

b668f0a051806b00623a3c9bb8ddd7d9ae5d926e6bb81becd8dda6a54867b133

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.medicoresponde.com.br/assets/frontoffice.160.css
Origin: https://medicoresponde.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 14:17:55 GMT
server: nginx
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: US.A
accept-ranges: bytes
content-length: 1888
expires: Sat, 01 Apr 2023 08:30:40 GMT

GET
H2 200 fem.jpg
static.medicoresponde.com.br/assets/img/h/ 21 KB
21 KB 130ms
127ms Image
image/jpeg 51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/assets/img/h/fem.jpg

Requested by

Host: static.medicoresponde.com.br
URL: https://static.medicoresponde.com.br/assets/frontoffice.160.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

ae9402a1c863fb2f0688d78dceca2ba4d3832111567d0801f6bf10f033c3f019

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.medicoresponde.com.br/assets/frontoffice.160.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 14:17:55 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-server: US.A
accept-ranges: bytes
content-length: 21205
expires: Sat, 01 Apr 2023 08:30:40 GMT

GET
H2 200 male.jpg
static.medicoresponde.com.br/assets/img/h/ 26 KB
26 KB 105ms
104ms Image
image/jpeg 51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/assets/img/h/male.jpg

Requested by

Host: static.medicoresponde.com.br
URL: https://static.medicoresponde.com.br/assets/frontoffice.160.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

ddadd9c9eabbd03425127536a1bb86d8651bf5d3a7bcce322c5c46f1fdbdb822

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.medicoresponde.com.br/assets/frontoffice.160.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 14:17:55 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-server: US.A
accept-ranges: bytes
content-length: 26157
expires: Sat, 01 Apr 2023 08:30:40 GMT

GET
H2 200 eld.jpg
static.medicoresponde.com.br/assets/img/h/ 20 KB
20 KB 102ms
102ms Image
image/jpeg 51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/assets/img/h/eld.jpg

Requested by

Host: static.medicoresponde.com.br
URL: https://static.medicoresponde.com.br/assets/frontoffice.160.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

96a83ab2ad178ce5e682c3121648158955e463a0b64dc827310b7f6adafe2b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.medicoresponde.com.br/assets/frontoffice.160.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 14:17:55 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-server: US.A
accept-ranges: bytes
content-length: 20476
expires: Sat, 01 Apr 2023 08:30:40 GMT

GET
H2 200 child.jpg
static.medicoresponde.com.br/assets/img/h/ 18 KB
18 KB 101ms
101ms Image
image/jpeg 51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/assets/img/h/child.jpg

Requested by

Host: static.medicoresponde.com.br
URL: https://static.medicoresponde.com.br/assets/frontoffice.160.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

41c076b185d2dc7c8bd46fa7332340629be52f1702f3065d487431335d18caaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.medicoresponde.com.br/assets/frontoffice.160.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 14:17:55 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-server: US.A
accept-ranges: bytes
content-length: 18278
expires: Sat, 01 Apr 2023 08:30:40 GMT

GET
H2 200 mind.jpg
static.medicoresponde.com.br/assets/img/h/ 14 KB
15 KB 103ms
102ms Image
image/jpeg 51.81.102.148
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.medicoresponde.com.br/assets/img/h/mind.jpg

Requested by

Host: static.medicoresponde.com.br
URL: https://static.medicoresponde.com.br/assets/frontoffice.160.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

51.81.102.148 New York, United States, ASN16276 (OVH, FR),

Reverse DNS

ip148.ip-51-81-102.us

Software

nginx /

Resource Hash

59becaeaa1622648362b9d6baef1d20ca82c1cf964458513a03d7e75d08b3ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.medicoresponde.com.br/assets/frontoffice.160.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Apr 2022 14:17:55 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-server: US.A
accept-ranges: bytes
content-length: 14727
expires: Sat, 01 Apr 2023 08:30:40 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 80ms
23ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=medicoresponde.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 58ms
21ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=medicoresponde.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 710 B
388 B 313ms
312ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2876039829190343&correlator=806147438941941&eid=31072760&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fif&iu_parts=92076944%2Cmedicoresponde_footer_mrec&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C200x200&ifi=1&adks=3890409618&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1677745840750&lmt=1677745840&dlt=1677745840500&idt=216&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmedicoresponde.com.br%2F&frm=20&vis=1&psz=964x0&msz=300x254&fws=128&ohw=0&ga_vid=930577219.1677745841&ga_sid=1677745841&ga_hid=721084181&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072760

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfebbe30a87dd77ac8ea5f224a77aabd3136d7d9a21de054e12e2f254599ca49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 358
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://medicoresponde.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6B67 6 KB
3 KB 174ms
63ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medicoresponde.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:30:40 GMT
expires: Fri, 01 Mar 2024 08:30:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
7 KB 659ms
657ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2876039829190343&correlator=806147438941941&eid=31072760&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fif&iu_parts=92076944%2CMEDICORESPONDE_BR_HOME_HALFPAGE&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600%7C240x400%7C300x250%7C120x600%7C250x250%7C200x200&ifi=2&adks=2498134603&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1677745840764&lmt=1677745840&dlt=1677745840500&idt=216&adxs=976&adys=2617&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmedicoresponde.com.br%2F&frm=20&vis=1&psz=311x680&msz=311x620&fws=0&ohw=0&ga_vid=930577219.1677745841&ga_sid=1677745841&ga_hid=721084181&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072760

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbe41418d694979230a57b38f670b6926fdfd497c3bc49dae930760b77ca79e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6870
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://medicoresponde.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 105ms
27ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSZP4N6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Mar 2023 07:17:30 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4390
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 02 Mar 2023 09:17:30 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.1.1/dist/
Redirect Chain

https://unpkg.com/web-vitals
https://unpkg.com/web-vitals@3.1.1
https://unpkg.com/web-vitals@3.1.1/dist/web-vitals.iife.js

7 KB
3 KB

18ms
17ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.1.1/dist/web-vitals.iife.js

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c5ae596988bc5f95f8a3b7f05c6ecf6336c81b7ba42827c7dcb70ae2dacb77e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:40 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 4357814
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GPEV5SKAW699AECB2HGXPR91-fra
server: cloudflare
etag: W/"1b24-GqgswdM7opiZOqFSwUlHVut+Xpk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7a1847714aa22bfa-FRA

Redirect headers

date: Thu, 02 Mar 2023 08:30:40 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GPEV9AKHHPRCSY1E2PTZN5GW-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 4357699
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.1.1/dist/web-vitals.iife.js
cache-control: public, max-age=31536000
cf-ray: 7a1847713a822bfa-FRA

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
443 B 154ms
49ms XHR
application/json 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://medicoresponde.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Mar 2023 08:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://medicoresponde.com.br
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
372 B 168ms
49ms XHR
application/json 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://medicoresponde.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Mar 2023 08:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://medicoresponde.com.br
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 consent-bar.min.js Show response
7gra.us/consentbar/ 23 KB
7 KB 351ms
96ms Script
application/javascript 158.69.248.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://7gra.us/consentbar/consent-bar.min.js?v=8

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.69.248.161 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns542920.ip-158-69-248.net

Software

nginx /

Resource Hash

d9467d95786b03f066eef98f39be104de6c31d9eb4983f80e4a7ca730017534c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Fri, 01 Mar 2024 08:30:41 GMT
date: Thu, 02 Mar 2023 08:30:41 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
last-modified: Mon, 03 Oct 2022 13:00:00 GMT
server: nginx
content-encoding: gzip
etag: W/"633adcd0-5cb2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 bhof.js Show response
7gra.us/ 15 B
334 B 350ms
99ms Script
text/javascript 158.69.248.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://7gra.us/bhof.js

Requested by

Host: static.medicoresponde.com.br
URL: https://static.medicoresponde.com.br/assets/frontoffice.160.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.69.248.161 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns542920.ip-158-69-248.net

Software

nginx /

Resource Hash

94e0db1d92e7f7bca01cc07a16abb8c2e9bf762e9742100be5103daa4603539c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Thu, 02 Mar 2023 08:30:41 GMT
pragma: no-cache
date: Thu, 02 Mar 2023 08:30:41 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
server: nginx
content-type: text/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 100ms
66ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

015b18250e151af0b350cfed2a27643eae9a1108a65abe8410c01f9b7c646a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11283
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 61ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 08:30:41 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
151 B 50ms
49ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=721084181&t=pageview&_s=1&dl=https%3A%2F%2Fmedicoresponde.com.br%2F&ul=en-us&de=UTF-8&dt=M%C3%A9dico%20Responde&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAhAAEABAAQCACAAI~&jid=359860449&gjid=769523546&cid=930577219.1677745841&tid=UA-34930850-18&_gid=462812400.1677745841&_r=1&_slc=1&gtm=45He32r0n81NSZP4N6&cg1=NO%20AMP&cg2=none&cg3=none&cg4=none&cg5=none&z=769086776

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medicoresponde.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medicoresponde.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 49ms
49ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=721084181&t=event&ni=1&_s=1&dl=https%3A%2F%2Fmedicoresponde.com.br%2F&ul=en-us&de=UTF-8&dt=M%C3%A9dico%20Responde&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20VitalsWeb%20Vitals&ea=FCP&el=v3-1677745840871-2482794716586&ev=1074&_u=aAjAAEABAAQCACAAI~&jid=1689864526&gjid=175142067&cid=930577219.1677745841&tid=UA-34930850-18&_gid=462812400.1677745841&_r=1&gtm=45He32r0n81NSZP4N6&z=241485628

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medicoresponde.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medicoresponde.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 28ms
28ms Image
image/gif 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=721084181&t=event&ni=1&_s=1&dl=https%3A%2F%2Fmedicoresponde.com.br%2F&ul=en-us&de=UTF-8&dt=M%C3%A9dico%20Responde&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20VitalsWeb%20Vitals&ea=TTFB&el=v3-1677745840871-9908289747368&ev=875&_u=aAjAAEABAAQCACAAI~&jid=&gjid=&cid=930577219.1677745841&tid=UA-34930850-18&_gid=462812400.1677745841&gtm=45He32r0n81NSZP4N6&z=1530643597

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 17:21:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54530
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 44A9 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medicoresponde.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1696
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:02:25 GMT
expires: Fri, 01 Mar 2024 08:02:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5DED 783 B
1 KB 131ms
51ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4df0ea548b9c8b2ddc40b9d41e062993279e93ebd8cc683b80cc20cadeac9760

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YbKfOV36xZG_oaXa2y4R4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medicoresponde.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-YbKfOV36xZG_oaXa2y4R4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:30:41 GMT
expires: Thu, 02 Mar 2023 08:30:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 U1KVG_mJ4Y43Q94sC__L5Y27Ilp_TqM8IF3zBLVmW9g.js Show response
pagead2.googlesyndication.com/bg/ Frame 44A9 36 KB
14 KB 39ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U1KVG_mJ4Y43Q94sC__L5Y27Ilp_TqM8IF3zBLVmW9g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5352951bf989e18e3743de2c0bffcbe58dbb225a7f4ea33c205df304b5665bd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 21:06:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14276
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 21:06:23 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 50ms
17ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-34930850-18&cid=930577219.1677745841&jid=359860449&gjid=769523546&_gid=462812400.1677745841&_u=aAhAAEAAAAQCACAAI~&z=1951905433

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://medicoresponde.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Mar 2023 08:30:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medicoresponde.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 49ms
18ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-34930850-18&cid=930577219.1677745841&jid=1689864526&gjid=175142067&_gid=462812400.1677745841&_u=aAjAAEABAAQCACAAI~&z=110282961

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://medicoresponde.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Mar 2023 08:30:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medicoresponde.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 52ms
52ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-34930850-18&cid=930577219.1677745841&jid=359860449&_u=aAhAAEAAAAQCACAAI~&z=929799901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 74ms
26ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-34930850-18&cid=930577219.1677745841&jid=359860449&_u=aAhAAEAAAAQCACAAI~&z=929799901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 52ms
52ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-34930850-18&cid=930577219.1677745841&jid=1689864526&_u=aAjAAEABAAQCACAAI~&z=613887825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 72ms
25ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-34930850-18&cid=930577219.1677745841&jid=1689864526&_u=aAjAAEABAAQCACAAI~&z=613887825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 44A9 0
10 B 15ms
14ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Z2hP_w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5DED 0
0 46ms
46ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022801&jk=2876039829190343&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 container.html Show response
1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E5AC 6 KB
3 KB 29ms
28ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js?cb=31072760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medicoresponde.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:30:40 GMT
expires: Fri, 01 Mar 2024 08:30:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0B57 624 B
826 B 86ms
49ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgvTNxQEwAQ&v=APEucNWdcQI3dl9ra8S3apC6elhnN9oxiU5afeOmrQjAeLXIH1TMbv6dKcPRvCTa2rMIzOWDCWx14rppbF202obr_KIcAePIoQvoQpTx7Eo_pQQUY3ai4hyxgrdtqGDOn_N9oCLc5651c4O19isjWFzRrJval24BsSwaGYDrE-XilhwmxTfjyXg

Requested by

Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:30:41 GMT
expires: Thu, 02 Mar 2023 08:30:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E5AC 78 KB
27 KB 70ms
68ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 08:30:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5AC 42 B
63 B 49ms
46ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D6aiMow7tCYtLLgQfv-KidvBC6hyWZUIm7I4LoHuLnAzldTXjoq-PDcvjA0ZebhczFmuNWqTTB3HCuTnuzXLuCvFGpCq8y-rbJiFmuVJRkQ3wQa4M

Requested by

Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5AC 0
20 B 48ms
46ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12326614042700801672&x=1&ct=76

Requested by

Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame E5AC 3 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:55:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 06:55:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame E5AC 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:26:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E5AC 158 KB
49 KB 79ms
23ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 08:30:41 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
28ms Image
image/gif 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=721084181&t=event&ni=1&_s=1&dl=https%3A%2F%2Fmedicoresponde.com.br%2F&ul=en-us&de=UTF-8&dt=M%C3%A9dico%20Responde&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20VitalsWeb%20Vitals&ea=LCP&el=v3-1677745840871-1494602188640&ev=1281&_u=aAjAAEABAAQCACAAI~&jid=&gjid=&cid=930577219.1677745841&tid=UA-34930850-18&_gid=462812400.1677745841&gtm=45He32r0n81NSZP4N6&z=777440883

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 17:47:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52964
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5AC 0
20 B 49ms
48ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8313726850231&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5AC 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8313726850231&version=m202301230201&ct=76&x=1&cor=12326614042700802000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E5AC 96 KB
38 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C88RV3c04ZNJz9V_ienVra1mR0xN8u9ahhWYXUsiBnn_DU6VOlbSFugKHX6BNCYq88RS0kagXnr2CufsbhByV-VvYVElqW5aSQe9erLz1SCT5AEe6If6ic3zXkNX_oLZ_Grbb-9mfo1giO2HxU_jO97tAQh-CYGgTbU6RpR62KOQPpKbM&dbm_d=AKAmf-D4YMo0NFDEAOfBNCPMzy5p6O2FbWB_OQnS7-pd5MZHEl0wyokpLynNydd0zM_Fr3Q7S4kwc75ED7c6mp-RNFAO9nkf6XlxBGRCuksQ2mqL38cIZ1yXWtZm4QfC4w9hFHFI5UJ1Te6myYTEOZfvRF2Wx26fJ7rEjEgHGHendoSzEf0IU7H1t3GTR-UfoLF2oKSo2ijQXttajGpLbnkCYgJtktPx-jrAuk46uP-d8w-vA03bi9HrcI7gdjLXK0GGbDuZdzlbaN-4B24ly-WMIR_rWx_K23vYo6Gi67z2WiWs327B9FpapO8FZanWRNLeAgUUW00LgR2ftEMA9MtRMJWwF3R8OKBfiZkicxwJ2_aWPo0VhEiesQLugZMl2GsaKzb5CiWxvMriToanao5V7B41bKbWadIJ4Twu5XIpJpgBS5Nqjo811VSnhoNlF6Thu_u-mwKbaAOVmCSiOLOH5AZZ_8_dlKf2oUx6Pcsx-biERcn65zo1V5OwF5b1bJz-aaqVwtUPUk6OF-MylWd1K4rHgOwn_Ueg4GxvGDckZmQB01jExPVb_qKcTSOSRhUefIkx0HRlsBUPSeoJzmm0FK_gLnUnaztC1SkXFcVsQZefwrPqz3pAihfUcz9RdGLgoET4vWKG4UnrqqpU4HirFCfpqYW6LDPhLTe22YfQvWU3-Ynbr4bjmOQtu-dpQGVVX9aJn14HuoeeDIW2lEPDDllCLyihw3Je0xcAjya-UqWPsunHQ0OXonVDGQC2hJJBYeNNDqT2q_5mVlxXos37NiviC3Z6jbYfswAtgOBY2r1gzX37cHJfuy8FTocgilwwl6_C683MrP6QzoxiTDwNTDOgsL1ZJFivoWHT9im2FSCUbroHm4gkPBclIuMbZhDwtDkict5fYzyILqyfOaPOBY8niCD-6hxRU2SdbQ5UM8HDj7laBftF99fK7NmlcCQosn6LdXHe2DgmTXn7rOYRYLsouItm7sqokLvimZh4AVids0GAukrjGJ2nEqIUHa0KhDyohOxxz6eu9-KNwE62_ddG3E3WHpbXabjxdSU79iHt1R9_TcUu9FrMf2Ivl0ycZOowlltCfEinvIMtbFuupeE1a6gN5NyJwuJDkqD2NMo-x7J5zkuHDD9an8JGUZ0jwZmFwG5pwWva5RjmExwdepasE2B2kLjm6QSY6EXyMZHq1xD0y-1kPeBXuRMTo_Hb7c-0EfwQuStK-B2IW44cmoeqormfejaoCT2UHzwNC91ivlCL49w6t-qxKY36-HbK7xLezNOhe45dC45-ygYbjv-dXxFcznaJxha8Wb-CW8ag6JdNvJhJmI_msnr7tJ0fn0d8DFjpJDLZohR_32OHWlfheZlaovik6bLNeahP0ekMlF9ae3xeZ1fQ94wqWwHSV_ZBDS4_FffAPyRpiTLl39ZPUc6dqzZomCdETcs50xM26aiSGXdeLtqsy1D8o_aW973I0EAiD71GSxNJMhHwmY3Q1552J9D4e64zokaMi2nleicimCSEvtzFPM0BtlmTiHompzDYGSipFbBVGLzBpzHHr5YmCu7doeqE3zn15CiMwi-TrptvJNknH8-6Ws-zDUATaAW62cc1A1aVtF8B-Oqax_tfix4r34FBu2zyMQC5YHw8d5GP_jNgjs5MMcSKIrKuTBuQN3LDCobki9YMp8j0maYcDUq9HD7jKa3ocAJzuv3RUPr-aB-PQmY2-pbi-dv2mQ23qJ-Jzk_APo7K8pPJN4QRQyXjM76dtn_q-8KA7NypUuj5SHUf4ivEWK5JcFLDP1fbNyRIF9xfAyWfLpPdkA59dN7QALFU87SiGwvXe3VV5beFg7HUdgoO9ultzRdcKl2N1xdw1173gqfWpvTOILBopuvqz83XoHtg41uApCWZegM8sOyNmfOUASmTgVqH1kuWBkethVXrsbdndIwWpU-A507_DOsxeBDyUmAfSTUOEGiBA2Rz_SocTDotJKXFpZPMtHRYlADoxaLpqKJeetfzTO8yKWg5Bm_tndDTaPPsbVX9rJAc8R09InU4VaIMJVSHBxZNYOLG8uqCnB7apcJOHGi1Z1mvWIVQvrSJP01JD336zqQWiCcCg970_OsofDe4Y-lMcy-OncAun6tCQ958HGBnUOXgAYiwd19J7_Vu867eHNg_rTUTJ3HRr6DokqHmBJBxWUpEJIzikgUNtKDQXSPxgDqUxtTPA-C0PA6WsNr3naE0IRxGYna5zczwugzAwthS762eHZxGzp12XiNNc0OeQ12usRJMJmLPw2dGbMfa0G8UT8pGl-D_reXgdsXnjw8ENfgf1fQuCRWde7vcXqyqemEzI9t3c-MM_SQ6J5Qk96dgETlE4DdG9OJ8nfVUAyNR1P6oG4c2968fvdKKDoGhXq1hAEsFOLx_QU8A38EdglI9oOCIz85MP3CDftPIVSy3pjjDLNbDjOYCo0UZAduu7KJm6v3VE2NPJZeFFIklp6pnbQC98zFZnQu2NfJ-3D07dM98Pn7SYj45wBozRJi-y6OFQC32DFOOyCQgSNasTpjh34qUFBVJyPPdKc66o0y48w2PsE4w0CfC7o3mYNFavwY5yMKZtcqhjPpmJPdHclMaD8dLrhd_Hj5uWawyGHoQgaVpPKUT1yEDGUSLr3yv92TDxEG_Knc2BfKtR3GvI_6rCyMddAneTQBEGHlh0RnFvjk992S_I0xmMHXhByPuWiCHW_1C02ZlvVkjvo2THWW3H6n1_oQS3DCaWTxi2pbG6jGmprYT97ufM7bEOKF0BTvSFaQNp2NHqVAOXw18e2PExPESG48Uud49lvp8fX4T8LZHlA-IUVRBucMCbVDH_TB6G7AOXlYK2b5MjtOjc6rA6yo8Fhb1VpvAOnCkGW_v5oFGpf57D7WtxeRSdM9orn_-KomS5Ps7o2DMx-FL1j_f8DH3SGuDr0f92bIAmSan7LJ4mXfml_yoA_EyfNR8Qw6XF5JqmsAaWycj13tm7xYgSDLguxKBD5NweeJGplxjcZ9VpZ-7MjsxT8t5a_p-83Ue-o9MbHt3XnknqsY-LykvTHXG0E_LhaSiRZ9sUaR6FMB-hGI2IOQgyIRpAr2Kskbqpkll2TJ0S4ytHbWewW7tADwKXejenkhaytlmFAFeapPOAPqgOg8ecgArb6TV02k49G3OmD4plnDcAKAHs1vixqE_YCc4-PCf4fRef30EPXsz89jI0nebw88lML0Zpb2ZqFvGZHALk39Dy98FWQaV7qeoyX8U4-Djzn4e2q_KtBsY0ZwwgfFKeS13ZKFNh00fop2fvKdDsdR1UGq0mj-iqO_jE29Mdz5tO_Ss_u-hqbFq1JJJuAIjPUu4D78_GjuQgm_DJYqh33zpbkgmXlPruPyhTPpAyTfYVcHHcZ65kJrT5hEveHRqkyGrOLKa8VXI_laPQzQ9WQuzCJYDwrjqZL3ciUU4ps0-N3IgruIDfZ2gzXGwdbAH24baRxtgvYO_5J2DWFGLKN1BCX3_PYJoJeVeoUfkdJm2dyJJhGEe9Q7INGcMx4AoNSBA_w&cid=CAQSTADUE5ymKV5PYvVWdsEKQGpIQK8mufeXLc8ri6sOVN9lDLgawBauHHnswea_m0Ev9pjXycfUNyzZXxa4U7glbDSZl7HMIhs9MjwPbk4YAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fmedicoresponde.com.br%2F&ds=l&xdt=1&iif=1&cor=12326614042700802000&adk=250412560&idt=77&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eefb28288ce03e9973866e1076f67af88f234929754c97838f07ddeff5a907e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38841
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0B57
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGsC6pD2HEdwtQnJx0zo1gk&google_cver=1

43 B
766 B

11ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGsC6pD2HEdwtQnJx0zo1gk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgvTNxQEwAQ&v=APEucNWdcQI3dl9ra8S3apC6elhnN9oxiU5afeOmrQjAeLXIH1TMbv6dKcPRvCTa2rMIzOWDCWx14rppbF202obr_KIcAePIoQvoQpTx7Eo_pQQUY3ai4hyxgrdtqGDOn_N9oCLc5651c4O19isjWFzRrJval24BsSwaGYDrE-XilhwmxTfjyXg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 08:30:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGsC6pD2HEdwtQnJx0zo1gk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0B57
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZABesdyxFh5M0c0llj4lIgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGsC6pD2HEdwtQnJx0zo1gk&google_cver=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGsC6pD2HEdwtQnJx0zo1gk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgvTNxQEwAQ&v=APEucNWdcQI3dl9ra8S3apC6elhnN9oxiU5afeOmrQjAeLXIH1TMbv6dKcPRvCTa2rMIzOWDCWx14rppbF202obr_KIcAePIoQvoQpTx7Eo_pQQUY3ai4hyxgrdtqGDOn_N9oCLc5651c4O19isjWFzRrJval24BsSwaGYDrE-XilhwmxTfjyXg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 08:30:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGsC6pD2HEdwtQnJx0zo1gk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0B57
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPNduU04GS9oAIDzkKWFHZg&google_cver=1

43 B
1 KB

15ms
12ms

Image
image/gif

185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPNduU04GS9oAIDzkKWFHZg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgvTNxQEwAQ&v=APEucNWdcQI3dl9ra8S3apC6elhnN9oxiU5afeOmrQjAeLXIH1TMbv6dKcPRvCTa2rMIzOWDCWx14rppbF202obr_KIcAePIoQvoQpTx7Eo_pQQUY3ai4hyxgrdtqGDOn_N9oCLc5651c4O19isjWFzRrJval24BsSwaGYDrE-XilhwmxTfjyXg

Protocol

HTTP/1.1

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 08:30:41 GMT
AN-X-Request-Uuid: bfbee6db-567a-42be-832e-5fcf4d9e3350
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.138; 178.162.209.138; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPNduU04GS9oAIDzkKWFHZg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0B57
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk1NTMwOTM1MTkyMTQyNDY4Nw%3D%3D

170 B
409 B

82ms
51ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk1NTMwOTM1MTkyMTQyNDY4Nw%3D%3D

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 08:30:41 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.138; 178.162.209.138; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b2a38338-53f2-43d0-b675-985978363c62
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk1NTMwOTM1MTkyMTQyNDY4Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634099/ Frame E5AC 243 KB
73 KB 129ms
31ms Script
application/javascript 34.253.161.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634099/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-9298862887854366&ias_chanId=1&ias_placementId=19429528483&bidurl=https://medicoresponde.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h_4LSSfCWzD7t_qufQ-D0G
Requested by: Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.161.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-161-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4d1944cf304305dac20de7a4eee1a625b2ec6d7a62822800ce2bf618f0c2f25a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:41 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame E5AC 106 KB
37 KB 99ms
21ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
Origin: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 11:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 11:09:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame E5AC 8 KB
3 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C88RV3c04ZNJz9V_ienVra1mR0xN8u9ahhWYXUsiBnn_DU6VOlbSFugKHX6BNCYq88RS0kagXnr2CufsbhByV-VvYVElqW5aSQe9erLz1SCT5AEe6If6ic3zXkNX_oLZ_Grbb-9mfo1giO2HxU_jO97tAQh-CYGgTbU6RpR62KOQPpKbM&dbm_d=AKAmf-D4YMo0NFDEAOfBNCPMzy5p6O2FbWB_OQnS7-pd5MZHEl0wyokpLynNydd0zM_Fr3Q7S4kwc75ED7c6mp-RNFAO9nkf6XlxBGRCuksQ2mqL38cIZ1yXWtZm4QfC4w9hFHFI5UJ1Te6myYTEOZfvRF2Wx26fJ7rEjEgHGHendoSzEf0IU7H1t3GTR-UfoLF2oKSo2ijQXttajGpLbnkCYgJtktPx-jrAuk46uP-d8w-vA03bi9HrcI7gdjLXK0GGbDuZdzlbaN-4B24ly-WMIR_rWx_K23vYo6Gi67z2WiWs327B9FpapO8FZanWRNLeAgUUW00LgR2ftEMA9MtRMJWwF3R8OKBfiZkicxwJ2_aWPo0VhEiesQLugZMl2GsaKzb5CiWxvMriToanao5V7B41bKbWadIJ4Twu5XIpJpgBS5Nqjo811VSnhoNlF6Thu_u-mwKbaAOVmCSiOLOH5AZZ_8_dlKf2oUx6Pcsx-biERcn65zo1V5OwF5b1bJz-aaqVwtUPUk6OF-MylWd1K4rHgOwn_Ueg4GxvGDckZmQB01jExPVb_qKcTSOSRhUefIkx0HRlsBUPSeoJzmm0FK_gLnUnaztC1SkXFcVsQZefwrPqz3pAihfUcz9RdGLgoET4vWKG4UnrqqpU4HirFCfpqYW6LDPhLTe22YfQvWU3-Ynbr4bjmOQtu-dpQGVVX9aJn14HuoeeDIW2lEPDDllCLyihw3Je0xcAjya-UqWPsunHQ0OXonVDGQC2hJJBYeNNDqT2q_5mVlxXos37NiviC3Z6jbYfswAtgOBY2r1gzX37cHJfuy8FTocgilwwl6_C683MrP6QzoxiTDwNTDOgsL1ZJFivoWHT9im2FSCUbroHm4gkPBclIuMbZhDwtDkict5fYzyILqyfOaPOBY8niCD-6hxRU2SdbQ5UM8HDj7laBftF99fK7NmlcCQosn6LdXHe2DgmTXn7rOYRYLsouItm7sqokLvimZh4AVids0GAukrjGJ2nEqIUHa0KhDyohOxxz6eu9-KNwE62_ddG3E3WHpbXabjxdSU79iHt1R9_TcUu9FrMf2Ivl0ycZOowlltCfEinvIMtbFuupeE1a6gN5NyJwuJDkqD2NMo-x7J5zkuHDD9an8JGUZ0jwZmFwG5pwWva5RjmExwdepasE2B2kLjm6QSY6EXyMZHq1xD0y-1kPeBXuRMTo_Hb7c-0EfwQuStK-B2IW44cmoeqormfejaoCT2UHzwNC91ivlCL49w6t-qxKY36-HbK7xLezNOhe45dC45-ygYbjv-dXxFcznaJxha8Wb-CW8ag6JdNvJhJmI_msnr7tJ0fn0d8DFjpJDLZohR_32OHWlfheZlaovik6bLNeahP0ekMlF9ae3xeZ1fQ94wqWwHSV_ZBDS4_FffAPyRpiTLl39ZPUc6dqzZomCdETcs50xM26aiSGXdeLtqsy1D8o_aW973I0EAiD71GSxNJMhHwmY3Q1552J9D4e64zokaMi2nleicimCSEvtzFPM0BtlmTiHompzDYGSipFbBVGLzBpzHHr5YmCu7doeqE3zn15CiMwi-TrptvJNknH8-6Ws-zDUATaAW62cc1A1aVtF8B-Oqax_tfix4r34FBu2zyMQC5YHw8d5GP_jNgjs5MMcSKIrKuTBuQN3LDCobki9YMp8j0maYcDUq9HD7jKa3ocAJzuv3RUPr-aB-PQmY2-pbi-dv2mQ23qJ-Jzk_APo7K8pPJN4QRQyXjM76dtn_q-8KA7NypUuj5SHUf4ivEWK5JcFLDP1fbNyRIF9xfAyWfLpPdkA59dN7QALFU87SiGwvXe3VV5beFg7HUdgoO9ultzRdcKl2N1xdw1173gqfWpvTOILBopuvqz83XoHtg41uApCWZegM8sOyNmfOUASmTgVqH1kuWBkethVXrsbdndIwWpU-A507_DOsxeBDyUmAfSTUOEGiBA2Rz_SocTDotJKXFpZPMtHRYlADoxaLpqKJeetfzTO8yKWg5Bm_tndDTaPPsbVX9rJAc8R09InU4VaIMJVSHBxZNYOLG8uqCnB7apcJOHGi1Z1mvWIVQvrSJP01JD336zqQWiCcCg970_OsofDe4Y-lMcy-OncAun6tCQ958HGBnUOXgAYiwd19J7_Vu867eHNg_rTUTJ3HRr6DokqHmBJBxWUpEJIzikgUNtKDQXSPxgDqUxtTPA-C0PA6WsNr3naE0IRxGYna5zczwugzAwthS762eHZxGzp12XiNNc0OeQ12usRJMJmLPw2dGbMfa0G8UT8pGl-D_reXgdsXnjw8ENfgf1fQuCRWde7vcXqyqemEzI9t3c-MM_SQ6J5Qk96dgETlE4DdG9OJ8nfVUAyNR1P6oG4c2968fvdKKDoGhXq1hAEsFOLx_QU8A38EdglI9oOCIz85MP3CDftPIVSy3pjjDLNbDjOYCo0UZAduu7KJm6v3VE2NPJZeFFIklp6pnbQC98zFZnQu2NfJ-3D07dM98Pn7SYj45wBozRJi-y6OFQC32DFOOyCQgSNasTpjh34qUFBVJyPPdKc66o0y48w2PsE4w0CfC7o3mYNFavwY5yMKZtcqhjPpmJPdHclMaD8dLrhd_Hj5uWawyGHoQgaVpPKUT1yEDGUSLr3yv92TDxEG_Knc2BfKtR3GvI_6rCyMddAneTQBEGHlh0RnFvjk992S_I0xmMHXhByPuWiCHW_1C02ZlvVkjvo2THWW3H6n1_oQS3DCaWTxi2pbG6jGmprYT97ufM7bEOKF0BTvSFaQNp2NHqVAOXw18e2PExPESG48Uud49lvp8fX4T8LZHlA-IUVRBucMCbVDH_TB6G7AOXlYK2b5MjtOjc6rA6yo8Fhb1VpvAOnCkGW_v5oFGpf57D7WtxeRSdM9orn_-KomS5Ps7o2DMx-FL1j_f8DH3SGuDr0f92bIAmSan7LJ4mXfml_yoA_EyfNR8Qw6XF5JqmsAaWycj13tm7xYgSDLguxKBD5NweeJGplxjcZ9VpZ-7MjsxT8t5a_p-83Ue-o9MbHt3XnknqsY-LykvTHXG0E_LhaSiRZ9sUaR6FMB-hGI2IOQgyIRpAr2Kskbqpkll2TJ0S4ytHbWewW7tADwKXejenkhaytlmFAFeapPOAPqgOg8ecgArb6TV02k49G3OmD4plnDcAKAHs1vixqE_YCc4-PCf4fRef30EPXsz89jI0nebw88lML0Zpb2ZqFvGZHALk39Dy98FWQaV7qeoyX8U4-Djzn4e2q_KtBsY0ZwwgfFKeS13ZKFNh00fop2fvKdDsdR1UGq0mj-iqO_jE29Mdz5tO_Ss_u-hqbFq1JJJuAIjPUu4D78_GjuQgm_DJYqh33zpbkgmXlPruPyhTPpAyTfYVcHHcZ65kJrT5hEveHRqkyGrOLKa8VXI_laPQzQ9WQuzCJYDwrjqZL3ciUU4ps0-N3IgruIDfZ2gzXGwdbAH24baRxtgvYO_5J2DWFGLKN1BCX3_PYJoJeVeoUfkdJm2dyJJhGEe9Q7INGcMx4AoNSBA_w&cid=CAQSTADUE5ymKV5PYvVWdsEKQGpIQK8mufeXLc8ri6sOVN9lDLgawBauHHnswea_m0Ev9pjXycfUNyzZXxa4U7glbDSZl7HMIhs9MjwPbk4YAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fmedicoresponde.com.br%2F&ds=l&xdt=1&iif=1&cor=12326614042700802000&adk=250412560&idt=77&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:28:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame E5AC 29 KB
11 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11134
x-xss-protection: 0
server: cafe
etag: 11889138295710991679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 03:14:20 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E5AC 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 13:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 13:44:31 GMT

GET
DATA 200
OK truncated
/ Frame E5AC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4554da9273faba6772775c12b034bbbad10e62cfc8328a6381e8ed34bcfc274

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B60D 22 KB
8 KB 20ms
18ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 163277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 11:09:24 GMT
expires: Wed, 28 Feb 2024 11:09:24 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 U1KVG_mJ4Y43Q94sC__L5Y27Ilp_TqM8IF3zBLVmW9g.js Show response
pagead2.googlesyndication.com/bg/ Frame B60D 36 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U1KVG_mJ4Y43Q94sC__L5Y27Ilp_TqM8IF3zBLVmW9g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5352951bf989e18e3743de2c0bffcbe58dbb225a7f4ea33c205df304b5665bd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 21:06:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14276
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 21:06:23 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17425118478164857034/ Frame 4242 144 KB
23 KB 45ms
15ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17425118478164857034/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c38c9c0ad13cfe2d9e7eafb46ae69f40fa031efce5570266087babf59a7660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 602620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23058
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 09:07:01 GMT
expires: Fri, 23 Feb 2024 09:07:01 GMT
last-modified: Thu, 24 Feb 2022 10:20:47 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E5AC 0
0 174ms
74ms Fetch
image/gif 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsso6Maz9EBu0Kau9NsHpRiD9WC-YR6CWe_gk5hPosANFKjIF5DV-lLaetd9YPUsM7MbHBc5w2JZw1u2XvJf17JCLaAMlTn8QGgrS0-l1nqyD9f9GzKr0v4g3YzgbGORWpRJxPfNv8YYoryAs3XKUC6OxPEYQ_XNxcAQELv5YvOx586-f3gWAK4iYyvjTMBlTTsXfXW7InZnun8-nqREiDmAha-goRXFpr0AzdIt4D25jioBLiQD33QZRd9vDkoo4pCm6vQYiNcPwRlVclP_z5AR5oNsqBzCgpkK9b-YQD1UHIDa0qEPbjycLQQzMwUJBdBdASnq41J4_-uQZ9QE9rPI-p_SIwOFpxWilg1AGsu2P3P4yv9HZ2vNQMOqFNx6DTkyyUT10bUwAiR1ixLUMbbBauxY7JgsyO1pGLSxHgddnctEdnVGV8KUHNuppD-VLZpZWf_yjaWBtvIx8fyU9OhlnZBR13yVImpqJwwc9fut3TbuwkeQXY1g38S6rrkcP2aQ8CddP0ifFlgPuKsMSKp2_zNben1nw6TNLixsH5p6dnG99oq2RkdZh7Rq572-slh35RxAjTHLtpJ4YhOhOQinNEdDPLRoEgtgtrl73Cvu8BYtKJn8f0wIglvWXLBJpvkh8svB8Q-fx551ERGybFyg1BzvnASapNBJQ4pv51k5VO_35hVSXwUHucxxu3sfZHTH65qfA6wboKOR5ZfxM-MEMUISIGhjCeEXu9jle6lQLK0hilemKfuIjI12PZuUNvk7zjsRLBfuBq-UDThqKvXIz2c2UBJ7kjfGFaMTbW6N-VuYDhfuCGksboJxBiGKKkndJO4eJA7Xk7bSRBWYZw_t5CuFX0IycPWIpvhlaNW8NnU8Du2OPneQHSqmGPRtEHXNW2PL6drJh30GwReOjbWHYFCqncSD2mjkw5V_jBzaDA7Nuz-vGLu57LsHFQ8WN1QGvejWXr8s11dF-8hulBRKslJ3e2VAyTfJevVkMJiVMen1VzwhERXPp8L75seheSclemE70G7dSX8_BPNHfYNg9Blfdu1A7YNhBD1EjeDqOGqLKve7GbG1fDVVeYlm1rEmrTlhAZIdiLD5Jrai4NNyTshd9ABs5QFi7D-UG60_nU5gqQcgF3dDfpIzfYA4dt58vMsf1oegCAwfZgIjIYSC48CHnOilOiT25iZMYPH_234eOTNs1pvD4c1M8oYGOqfz2stAIKHmP1SFnH3w8000zeS3wG_-2yWorr3aXEewQDEbFc2FU1ffVomPjrHdXuoB3CDb4B2Q06zE0JSewScbeaBvXNWfPMITfSyG-J9XHp6JjT16JrvE6Iu5PClWNGq8aIdMi3T6JofR&sai=AMfl-YQOo13lb6eIC8w4oi2M3O-rV4-BPgox2ipKBHbXT98_4n_IqIIJm78frEs6lgyiclXfQmKkfwTTMYF_oLgorDs3zKrjLQr0W3pFwYSLKVmARY_1-elaiXHFQitxFD5hRZMoBZLaYegyrsh9MmnjjCcnQAfNH2sNXphgbB8TSYTvDkPbhYiQdwk4amRrmej1GAOp5f9YkzAs2y_HCDNpUwDxnE42fxXc4wFhTvVgl71qG1XDJc6aW1oCdkS_1V0cOM1Q3T_k_hvu8Sn7hHKGNj5paZjrnKskuPAm&sig=Cg0ArKJSzDLUZ6PI8qZ5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=120&cbvp=1&cstd=117&cisv=r20230227.90493&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 08:30:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 08:30:41 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 4242 29 KB
10 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17425118478164857034/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17425118478164857034/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 04:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 04:58:31 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame E5AC
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634099/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-9298862887854366&ias_chanId=1&ias_placementId=19429528483&bidurl=https://medicoresponde.co...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

41ms
10ms

Script
application/javascript

2600:9000:21f3:fc00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:21f3:fc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: vtoVcOeStqySRz0ovnOpcMO_.XzI7BRS
content-encoding: gzip
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
date: Wed, 01 Mar 2023 19:35:42 GMT
x-amz-cf-pop: FRA2-C2
age: 46500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 22 Feb 2023 19:35:40 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: hx_KvqajUqytiqTJ5x8X7LF3UcnLdjwe1-l1k2_ayfejezALmq5AMA==

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:41 GMT
server: nginx
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame A537 91 KB
23 KB 67ms
9ms Script
application/javascript 2600:9000:21f3:fc00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:04:21 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 9271581
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: ab7tcaND29EfmDA370CV66KgJ7aVfbZdumqD9n7_QkFuquAwFhek7g==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E5AC 43 B
215 B 359ms
98ms Image
image/gif 2600:1f18:1aca:4282:d50a:6f81:789a:da23
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=2c607c18-bd32-af88-2a94-8abe9748b4c6&tv=%7Bc:5GU6zd,pingTime:-3,time:39,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:15%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:39,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B34~0%5D,as:%5B34~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txkKzy0+11%7C12%7C13%7C14*.990511-61634099%7C141%7C1421%7C143,idMap:14*,rmeas:1,rend:0,renddet:na,siq:16%7D&br=c
Requested by: Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d50a:6f81:789a:da23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:42 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E5AC 43 B
216 B 356ms
97ms Image
image/gif 2600:1f18:1aca:4282:d50a:6f81:789a:da23
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=2c607c18-bd32-af88-2a94-8abe9748b4c6&tv=%7Bc:5GU6zf,pingTime:-6,time:41,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:41,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B36~0%5D,as:%5B36~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txkKzy0+11%7C12%7C13%7C14*.990511-61634099%7C141%7C1421%7C143,idMap:14*,rmeas:1,rend:0,renddet:na,siq:16%7D&tpiLookup=ao:medicoresponde.com.br*&br=c
Requested by: Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d50a:6f81:789a:da23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:42 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E5AC 43 B
215 B 347ms
98ms Image
image/gif 2600:1f18:1aca:4282:d50a:6f81:789a:da23
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=2c607c18-bd32-af88-2a94-8abe9748b4c6&tv=%7Bc:5GU6zq,pingTime:-2,time:52,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:407,beZ:408,mfA:410,cmA:411,inA:411,inZ:415,prA:415,prZ:419,si:423,poA:424,poZ:444,cmZ:444,mfZ:444,loA:448,loZ:450,ltA:459,ltZ:459%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:15%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:52,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txkKzy0+11%7C12%7C13%7C14*.990511-61634099%7C141%7C1421%7C143,idMap:14*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:16,sinceFw:35,readyFired:true%7D&br=c
Requested by: Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d50a:6f81:789a:da23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:42 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E5AC 0
0 63ms
63ms Fetch
image/gif 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsso6Maz9EBu0Kau9NsHpRiD9WC-YR6CWe_gk5hPosANFKjIF5DV-lLaetd9YPUsM7MbHBc5w2JZw1u2XvJf17JCLaAMlTn8QGgrS0-l1nqyD9f9GzKr0v4g3YzgbGORWpRJxPfNv8YYoryAs3XKUC6OxPEYQ_XNxcAQELv5YvOx586-f3gWAK4iYyvjTMBlTTsXfXW7InZnun8-nqREiDmAha-goRXFpr0AzdIt4D25jioBLiQD33QZRd9vDkoo4pCm6vQYiNcPwRlVclP_z5AR5oNsqBzCgpkK9b-YQD1UHIDa0qEPbjycLQQzMwUJBdBdASnq41J4_-uQZ9QE9rPI-p_SIwOFpxWilg1AGsu2P3P4yv9HZ2vNQMOqFNx6DTkyyUT10bUwAiR1ixLUMbbBauxY7JgsyO1pGLSxHgddnctEdnVGV8KUHNuppD-VLZpZWf_yjaWBtvIx8fyU9OhlnZBR13yVImpqJwwc9fut3TbuwkeQXY1g38S6rrkcP2aQ8CddP0ifFlgPuKsMSKp2_zNben1nw6TNLixsH5p6dnG99oq2RkdZh7Rq572-slh35RxAjTHLtpJ4YhOhOQinNEdDPLRoEgtgtrl73Cvu8BYtKJn8f0wIglvWXLBJpvkh8svB8Q-fx551ERGybFyg1BzvnASapNBJQ4pv51k5VO_35hVSXwUHucxxu3sfZHTH65qfA6wboKOR5ZfxM-MEMUISIGhjCeEXu9jle6lQLK0hilemKfuIjI12PZuUNvk7zjsRLBfuBq-UDThqKvXIz2c2UBJ7kjfGFaMTbW6N-VuYDhfuCGksboJxBiGKKkndJO4eJA7Xk7bSRBWYZw_t5CuFX0IycPWIpvhlaNW8NnU8Du2OPneQHSqmGPRtEHXNW2PL6drJh30GwReOjbWHYFCqncSD2mjkw5V_jBzaDA7Nuz-vGLu57LsHFQ8WN1QGvejWXr8s11dF-8hulBRKslJ3e2VAyTfJevVkMJiVMen1VzwhERXPp8L75seheSclemE70G7dSX8_BPNHfYNg9Blfdu1A7YNhBD1EjeDqOGqLKve7GbG1fDVVeYlm1rEmrTlhAZIdiLD5Jrai4NNyTshd9ABs5QFi7D-UG60_nU5gqQcgF3dDfpIzfYA4dt58vMsf1oegCAwfZgIjIYSC48CHnOilOiT25iZMYPH_234eOTNs1pvD4c1M8oYGOqfz2stAIKHmP1SFnH3w8000zeS3wG_-2yWorr3aXEewQDEbFc2FU1ffVomPjrHdXuoB3CDb4B2Q06zE0JSewScbeaBvXNWfPMITfSyG-J9XHp6JjT16JrvE6Iu5PClWNGq8aIdMi3T6JofR&sai=AMfl-YQOo13lb6eIC8w4oi2M3O-rV4-BPgox2ipKBHbXT98_4n_IqIIJm78frEs6lgyiclXfQmKkfwTTMYF_oLgorDs3zKrjLQr0W3pFwYSLKVmARY_1-elaiXHFQitxFD5hRZMoBZLaYegyrsh9MmnjjCcnQAfNH2sNXphgbB8TSYTvDkPbhYiQdwk4amRrmej1GAOp5f9YkzAs2y_HCDNpUwDxnE42fxXc4wFhTvVgl71qG1XDJc6aW1oCdkS_1V0cOM1Q3T_k_hvu8Sn7hHKGNj5paZjrnKskuPAm&sig=Cg0ArKJSzDLUZ6PI8qZ5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=245&vt=11&dtpt=125&dett=3&cstd=117&cisv=r20230227.90493&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: medicoresponde.com.br
URL: https://medicoresponde.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 08:30:41 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 4242 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17425118478164857034/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 836
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 08:31:45 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 4242 3 KB
1 KB 18ms
17ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17425118478164857034/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 08:45:00 GMT

GET
H3 200 head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 4242 11 KB
3 KB 22ms
21ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg

Requested by

Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17425118478164857034/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3285
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 08:42:39 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 4242 4 KB
2 KB 19ms
18ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17425118478164857034/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 08:41:15 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 4242 6 KB
2 KB 22ms
22ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17425118478164857034/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 08:39:56 GMT

GET
H3 200 300x600_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 4242 37 KB
37 KB 19ms
19ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/300x600_kv_paar.jpg

Requested by

Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fec1d82b204775d2e2ff9fae80da6c932e9a5dbf9fea4e4e9bdfdf48e5dc2eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17425118478164857034/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:22:36 GMT
x-content-type-options: nosniff
age: 485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38190
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 09:52:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 08:37:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
49ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022801&jk=2876039829190343&bg=!mJulm8_NAAbK-VRH6vk7ADkAdvg8Wkhn9HK5jHCNhoTyVDf186QV1sT-WDOXDShmAyCfx90zzAiWXB8md9HKLKMdBNPzAPv7vdQCAAAASlIAAAACaAEHCgBaWfB7Ownz87ES9EbScmUiPwHLn227Ush0ro1YziMWkRF4uZnl7pHU9uP7gKcbJKuCj4vnn73nCvuB51QhHD9tbfdAkF-A9BjNRrxkdNa9LTU0BY2jlgjm0Xi1mQKa5W0kZ6Zk579YcWV2jAOcLXPq2lS7F7QYsM-bwOEXhB654zRH7IUv5YSE12gKvPh3oHJdwbSgm2FMPS-7asSXDXcDz8VKsG0sA3vdwtzcuAVzOgCGZDf7l0dvp3eZ36gqQz5qGRzdnHctPITgIQmw9NgLBTMCRExnMoSZQ_7ofV_LphUbPs_Pw4HUj4iiFqBlKnnsm9r3YqInDDaAkl4x9eCe9QAFCoz5PnYSY1A9m_KvnKFVlk9rqogPUI4JGbW8NUbeESBRzTQo4rMBstO2fOB0b2A017tC9YynW-lQSz1hTbGYqScPEhQeUvcF8MnFL6zRrXJX6Eukx6hUb0N78tLiWJtGemfmcOlMV9Ro_w_XUlhEy6CZlwdSVX8MqkCNSY8iSTnjFKzSL79_fx5Uu2IVXFLao7jsqe77W0LvPcgH1LPs9PavAYWQL2POzolagN3IvsiYtudlC4ej6GkhhKzT7Qrdf_-3jt_umerKMn8ad3HRoGRqwIauJQuK1qomJWwc2bOJwdTG__eLZIeFLhqztqSZZ-WX4iDuPSbeqZ4KE8AU0mOfoCWgjKmDc83wtTLmm2Ltrc1vphZ2XkoOFXFG3lHoR-t9vj7rgzG5G3qFIXNZr38mCe_JRKLdRixmQnu8Ycr0TH66e6TrThI3RuMVxHN1AhwcRcIkC1x947VOw5NaMzoOmrQI08VtSdKBw__W9AoryeYhGAwjeTjJJwJ15J_IJA4zNE-cq25K16jRohwQTAxxwtuGl5KdO_igNn3-i63JXX4HAnpENfFV9hG1H88Ln1rvAxCFY3m1J_TvwzJBojiU23U5ARYszoE6ksLl9FnUToAHX3FfkogP3Tdd3YeBpMpECX7J9qJCzPVSe5oj9mvCmTDH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medicoresponde.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E5AC 43 B
215 B 284ms
99ms Image
image/gif 2600:1f18:1aca:4282:d50a:6f81:789a:da23
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=2c607c18-bd32-af88-2a94-8abe9748b4c6&tv=%7Bc:5GU6Ar,time:115,type:e,im:%7Bpci:%7Btdr:46%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:115,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B110~0%5D,as:%5B110~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txkKzy0+11%7C12%7C13%7C14*.990511-61634099%7C141%7C1421%7C143,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:16,sis:111%7D&br=c
Requested by: Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d50a:6f81:789a:da23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:42 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B60D 0
20 B 50ms
49ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAsR4sV4AZP-pJPTe7gPt26vYDQAAAAA4AeAEAg&bg=!2tml2Y3NAAbK-VRH6vk7ADkAdvg8WuysQiki2XS3LMIpBGDQ9M9tGJigKvNm5KirBs4NDzRAUPyptxZySjV5lPIrLGeoSP21HN0CAAAAilIAAAADaAEHmQLucwu6RSeanwCifRldH4EnTSC6dnsMAzwOq4IiPgyvZsUVTzH39pN9OcTnCXNvzJBSPMyCMhnLgBEh1nDJsHl3LcML16OVc3VsLqFhxJPmKsHcA1qYg49BXqievoUyIgYsXZcw6W6PYoyQKGIdBExHuGK7nrPEz6xiw3yR5i3aJjtsj9DmLgfJbqw1siny7ytSJ82t05u-yoNjKeHTnJMwCx2IZ4ArQEsnUHp2C_KwIVUbyq-JuMdr6Fj2oiiyHNoZny2rx4zigzScnVTBJqI2sGIm58Qyza4jyKqj4J8A77nzGlK5r-qeMbBiDjSnIq2Wji1QAekbqLN14PWL58jzyIS_xj-lyfVBX_OI98aN64L1aN6hcjONrwfVOFJm88midE8sWIisxR_TPDniJ_sZ7f5SJVWWQLJM04_XU_5LdGIqJ5bG9ol9fbKmpvZNijDYJZ6r3Q0NNElzMkb8appodN15WgSBKmSrNWjky8Ov4BHpigwYY6aydOhePd7efdLaS2n88JZvw1N6aj-ocYAwdSmKRhzBkjPxM4zmW3Hs8L6EoXRA56QaHJD-PjxQMqrBQ7ZXuxiv1oLZOlnyWGu03JZ5dgYGiMGXL4wTUG-GdqnJqNraq_bndKGl1tASIlr8INUl9vCcNm95-p06_6Y3QiAGG8ydoOVuELVM_avwiuyVBApoPd-KVtawX91Ego-sjRaOg7ka1JqsfmKmIUUum800odZdM1VBPnlEXDpKIZF1evoxJrvBsDqrNvzaBIir5nVomPvgxwATlPk-03z4GSg8pnbNh5S2YNeCwmT7ARe1EMPDV3BcDQrRAaaPasfpiPPE6iCGiGQi7t4t9w50aCp-daxCaqaJVEkeQKuqWXnu7YgLY64LSFmoEYRL374rzkwFgREM78e_3hVIq9u-0v60I_hcyQDTRZ8EMzeXxrZstdVZEX4Uz1Tiaucp_hcKjk3Z1Fmpmm3iMPx1zu_GoYcFC0okYaaZP0ql8H-n

Requested by

Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E5AC 43 B
215 B 98ms
97ms Image
image/gif 2600:1f18:1aca:4282:d50a:6f81:789a:da23
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=2c607c18-bd32-af88-2a94-8abe9748b4c6&tv=%7Bc:5GU6EX,pingTime:-10,time:395,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEwLjAuNTQ4MS4xNzcgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1677745842243%7C%7C3ff0ef9f9656786db8bc1a978275c683%7C%7C15c1c3073e5c3cda0308b87e66c0c1e4%7C%7C394b41fbda1d3b0e72e523bd0a440014%7C%7C001c3c2ba869c2e25fb443ab9609dccf%7C%7C7cff2f456660dd421c2a61b19a71a9f6%7C%7C15ec732c2d96fa49df26ce7e7752fb9b%7C%7Cd9db3c49caa4c4702228daea08c0e8e3%7C%7C1663701684%7D
Requested by: Host: 1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
URL: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d50a:6f81:789a:da23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:42 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5AC 0
20 B 47ms
46ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8313726850231&version=m202301230201&ct=76&x=1&cor=12326614042700802000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.medicoresponde.com.br/	1970-01-20 10:02:29	Name: AMP_TOKEN Value: %24NOT_FOUND
.medicoresponde.com.br/	1970-01-20 19:38:25	Name: _ga Value: GA1.3.930577219.1677745841
.medicoresponde.com.br/	1970-01-20 10:03:52	Name: _gid Value: GA1.3.462812400.1677745841
.medicoresponde.com.br/	1970-01-20 10:02:25	Name: _gat Value: 1
.medicoresponde.com.br/	1970-01-20 10:02:25	Name: _gat_UA-34930850-18 Value: 1
.medicoresponde.com.br/	1970-01-20 19:24:01	Name: __gads Value: ID=fa6e29ea287150eb:T=1677745840:S=ALNI_MbrWmTr1hk5E9x3HYxIrLAUUEJkrQ
.medicoresponde.com.br/	1970-01-20 19:24:01	Name: __gpi Value: UID=00000bbd8f91f9f9:T=1677745840:RT=1677745840:S=ALNI_Madto7Cxekz9ykXcQUGRKr1nx2LTA
.doubleclick.net/	1970-01-20 19:24:01	Name: IDE Value: AHWqTUmnTlt-ZzXZ5-UGjJpXB5DdqrAvW211ziagHcNyHEiqMMWFG8mPj0fvi8lv
.adnxs.com/	1970-01-20 12:12:01	Name: uuid2 Value: 4955309351921424687
.casalemedia.com/	1970-01-20 18:48:01	Name: CMID Value: ZABesdyxFh5M0c0llj4lIgAA
.casalemedia.com/	1970-01-20 12:12:01	Name: CMPS Value: 5206
.casalemedia.com/	1970-01-20 12:12:01	Name: CMPRO Value: 5206
.adnxs.com/	1970-01-20 12:12:01	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In9A7:3p!@wnfH8K6pQK`!5=E<L5>xj'3?YQXcw2Gl4BlP1Z47blx'(sC!zcPe[c2p%nugO%v4VB%nnl@*(s:9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1a29b7caa3b7c6d3d8c9427525315b30.safeframe.googlesyndication.com
7gra.us
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eu.7gra.us
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
medicoresponde.com.br
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.medicoresponde.com.br
stats.g.doubleclick.net
tpc.googlesyndication.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.honcode.ch
142.251.39.66
158.69.248.161
167.114.90.133
185.80.39.216
185.83.142.19
195.70.1.181
2600:1f18:1aca:4282:d50a:6f81:789a:da23
2600:9000:21f3:fc00:8:48e:53c0:93a1
2606:4700::6810:7eaf
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2006
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2001
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2004
2a00:1450:400d:80d::200e
2a00:1450:4025:401::9b
34.253.161.49
51.81.102.148
015b18250e151af0b350cfed2a27643eae9a1108a65abe8410c01f9b7c646a11
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
07861610ebc45cb7e014b89030d93738b2c6bf0265727690157e90023c9e070b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1345f3df5720f4ab65e32448ff9c79cef04cbe582e260bf6440ccf72cb45b0be
1667349b051ad404e45fa4bd7ed6c1364e16c88610cab2f2e2365ce1cbb54a94
168bd9b3d1f15a5a64140cb1eec7197eda3d7d9b266c98bb1f50d0091fa473b2
16a3e62773565c575834c23a737a971202289a5d1ba2ee7d4b1a2ad4d3ec08b4
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c5ae596988bc5f95f8a3b7f05c6ecf6336c81b7ba42827c7dcb70ae2dacb77e
41c076b185d2dc7c8bd46fa7332340629be52f1702f3065d487431335d18caaf
4474e7afa6f1ee42a8257c9bd3e6b7ca1b4023e92aadc3e103577097bf5baa5c
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a4037af9a1227880cfacc5eacdfdda56ccfe6966b5f36a4fed2300ff1afde97
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1944cf304305dac20de7a4eee1a625b2ec6d7a62822800ce2bf618f0c2f25a
4df0ea548b9c8b2ddc40b9d41e062993279e93ebd8cc683b80cc20cadeac9760
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5352951bf989e18e3743de2c0bffcbe58dbb225a7f4ea33c205df304b5665bd8
555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59becaeaa1622648362b9d6baef1d20ca82c1cf964458513a03d7e75d08b3ee8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
8d2e326871113a6631199980b6f692da3153f2908a923d16cb1237321bdbba1c
8df7f56342424e63dd92744bb8742e1815a0e78bdb395676924bd49f8be49c78
94e0db1d92e7f7bca01cc07a16abb8c2e9bf762e9742100be5103daa4603539c
96a83ab2ad178ce5e682c3121648158955e463a0b64dc827310b7f6adafe2b2e
96f4d0062b00f92410ea7eee929c29346b50e956793f8b2abe31ee3cfd5ff79f
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9e0a47a608b4ac1de5c3a11c4aa41ca80cb0dd820b050e7f8c7c6da3c897ac7d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
a769166be88381ff553dd898537609ee8a973c37bd5ba3890d6ea0bb7fc2a41c
a914d8660b651ae1a80383979c351b679b4a11bc330467b09ccfd7fb7db4e95d
ae9402a1c863fb2f0688d78dceca2ba4d3832111567d0801f6bf10f033c3f019
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b668f0a051806b00623a3c9bb8ddd7d9ae5d926e6bb81becd8dda6a54867b133
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
bc30bc3a9e0e6e993ddef29be946b2ab7bf1f13155760424ffaf44d8d38be4f6
bef775f255ade6bac5ad4e4cba1ca6d7f3b286b76accebd475aaed1af6ec5cfd
bfebbe30a87dd77ac8ea5f224a77aabd3136d7d9a21de054e12e2f254599ca49
c1c38c9c0ad13cfe2d9e7eafb46ae69f40fa031efce5570266087babf59a7660
c4554da9273faba6772775c12b034bbbad10e62cfc8328a6381e8ed34bcfc274
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccd9121a14b7d9a66e942de02634cb4058f3b8faa32ae268a14fb6a8fe301d4e
cfa9603baa93612a1b37809e9b2eba09a87ec42ad81ba6c532d2eac56cde5b85
d094dd35621b1528eb3847231a675903cc626fa9474d6bb13cf87ee0cd708939
d9467d95786b03f066eef98f39be104de6c31d9eb4983f80e4a7ca730017534c
dbe41418d694979230a57b38f670b6926fdfd497c3bc49dae930760b77ca79e1
ddadd9c9eabbd03425127536a1bb86d8651bf5d3a7bcce322c5c46f1fdbdb822
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
eefb28288ce03e9973866e1076f67af88f234929754c97838f07ddeff5a907e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa40cbf948df229f54bc07b7071c6c3dbe55590fa93f6795971abb751b182cbf
fec1d82b204775d2e2ff9fae80da6c932e9a5dbf9fea4e4e9bdfdf48e5dc2eeb

medicoresponde.com.br Open in urlscan Pro 51.81.102.148 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

96 Requests

94 %HTTPS

70 %IPv6

15 Domains

29 Subdomains

28 IPs

6 Countries

962 kBTransfer

2326 kBSize

13 Cookies

1 Outgoing links

Page URL History

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

medicoresponde.com.br Open in urlscan Pro
51.81.102.148 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

94 %
HTTPS

70 %
IPv6

15
Domains

29
Subdomains

28
IPs

6
Countries

962 kB
Transfer

2326 kB
Size

13
Cookies

96 HTTP transactions
1 data transactions