enfermagemesaude.com.br Open in urlscan Pro
104.200.21.48 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://enfermagemesaude.com.br/
Submission Tags: falconsandbox
Submission: On February 19 via api (February 19th 2022, 6:47:40 am UTC) from US — Scanned from DE

Summary HTTP 70 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 13 domains to perform 70 HTTP transactions. The main IP is 104.200.21.48, located in Richardson, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is enfermagemesaude.com.br.

This is the only time enfermagemesaude.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	104.200.21.48 104.200.21.48	63949 (LINODE-AP...) (LINODE-AP Linode)
16	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3 7	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2 4	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.18.213.219 52.18.213.219	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
3	2600:9000:224... 2600:9000:224a:7200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
8	34.206.96.78 34.206.96.78	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e051	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
70	20

10 104.200.21.48 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li799-48.members.linode.com

enfermagemesaude.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.21.141.232 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.250 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.213.219 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-213-219.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:224a:7200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.206.96.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-96-78.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7::5c7b:e051 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 120	255 KB
14	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 cm.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	170 KB
13	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 671 static.adsafeprotected.com — Cisco Umbrella Rank: 502 dt.adsafeprotected.com — Cisco Umbrella Rank: 465	96 KB
10	enfermagemesaude.com.br enfermagemesaude.com.br	379 KB
4	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	198 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	4 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	3 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google-analytics.com 1 redirects www.google-analytics.com — Cisco Umbrella Rank: 31	17 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	66 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1135	63 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 741	655 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 9027	792 B
70	13

	Domain	Requested by
13	pagead2.googlesyndication.com	enfermagemesaude.com.br pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	enfermagemesaude.com.br	enfermagemesaude.com.br
8	dt.adsafeprotected.com	092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
4	s0.2mdn.net	enfermagemesaude.com.br s0.2mdn.net 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com enfermagemesaude.com.br
3	static.adsafeprotected.com	fw.adsafeprotected.com 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	enfermagemesaude.com.br
2	fw.adsafeprotected.com	1 redirects enfermagemesaude.com.br
2	092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	1 redirects enfermagemesaude.com.br
2	www.googletagservices.com	enfermagemesaude.com.br 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
1	code.createjs.com	s0.2mdn.net
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	enfermagemesaude.com.br
70	22

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh

This page contains 11 frames:

Primary Page: http://enfermagemesaude.com.br/
Frame ID: 463AFB12E40DA587CCD2DF6C512B3E43
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html
Frame ID: 6747B1F402A01B44A7FF1E677C1DB150
Requests: 1 HTTP requests in this frame

Frame: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 011C2B4AC2B3788BC34BC6B423F9B0F2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3706322130769690&output=html&adk=1812271804&adf=3025194257&lmt=1645253255&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fenfermagemesaude.com.br%2F&ea=0&flash=0&pra=5&wgl=1&dt=1645253255099&bpp=4&bdt=517&idt=204&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6953596408625&frm=20&pv=2&ga_vid=1709876937.1645253255&ga_sid=1645253255&ga_hid=588990180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31060047%2C44756895&oid=2&pvsid=3989429259373420&pem=17&tmod=1573345407&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=216
Frame ID: 7EF2E8E7E7CF103D35A0DFD62E824125
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D982907F8349087D36EA30571108F26D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A9B482AC7BF722B59082C63518EDB390
Requests: 2 HTTP requests in this frame

Frame: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8293C57E8569023A30A9C85D41C9DFB3
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY86jQwQEwAQ&v=APEucNVo_VcZ6xB0cTY0a_n_aOw816gca3aRxC2VpCefWSmMBAuuZYSI2V8QpdEwOeRNeD8poptz3ewKB7WBPQJ-qYsq6fpH9B2CMnbXcYcsSbTkTW1e2rQcbSYi26YdEqgjHcqx5qn2XMtKhXRaF7oubvT_b5PH6RDlns0UXi86W1gesCH7su8
Frame ID: DD209A18187A8696E58DBF9D8126B6F1
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1CEA002D6B9A4136C1C16FB66DD65D92
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14739093593110180362/index.html
Frame ID: 36B1A23AE018B03216BC429630BE93A5
Requests: 4 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 006C86898C982EF89E5530AE8321D714
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Enfermagem e Saúde - Notícias, Eventos, Concursos, Questões de Concursos

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

70
Requests

73 %
HTTPS

58 %
IPv6

13
Domains

22
Subdomains

20
IPs

4
Countries

1250 kB
Transfer

3199 kB
Size

15
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/enfermagemsaude
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/EnfermagSaude
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/pub/enfermagem-e-sa%C3%BAde/2a/948/b43
Title: Linkedin

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 14

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1865033346&utmhn=enfermagemesaude.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Enfermagem%20e%20Sa%C3%BAde%20-%20Not%C3%ADcias%2C%20Eventos%2C%20Concursos%2C%20Quest%C3%B5es%20de%20Concursos&utmhid=588990180&utmr=-&utmp=%2F&utmht=1645253255039&utmac=UA-2607526-6&utmcc=__utma%3D102847188.1709876937.1645253255.1645253255.1645253255.1%3B%2B__utmz%3D102847188.1645253255.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=227678340&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1865033346&utmhn=enfermagemesaude.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Enfermagem%20e%20Sa%C3%BAde%20-%20Not%C3%ADcias%2C%20Eventos%2C%20Concursos%2C%20Quest%C3%B5es%20de%20Concursos&utmhid=588990180&utmr=-&utmp=%2F&utmht=1645253255039&utmac=UA-2607526-6&utmcc=__utma%3D102847188.1709876937.1645253255.1645253255.1645253255.1%3B%2B__utmz%3D102847188.1645253255.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=227678340&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2607526-6&cid=1709876937.1645253255&jid=227678340&_v=5.7.2&z=1865033346

Request Chain 37

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIeRTg8LFVRWkROzQOZBr68&google_cver=1

Request Chain 38

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhCSh5ycFcg7YGCejHbIXQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIeRTg8LFVRWkROzQOZBr68&google_cver=1

Request Chain 39

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJuQeGtHmX5HrS-8sc2lwPs&google_cver=1

Request Chain 40

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIyMjY4NDIyMjE4ODI2MjY4Mg%3D%3D

Request Chain 54

https://fw.adsafeprotected.com/rfw/st/949432/60827840/skeleton.js?ias_dspID=3&ias_campId=26650973&ias_pubId=pub-9260584092443715&ias_chanId=1&ias_placementId=16192691453&bidurl=http://enfermagemesaude.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gg-Z-bMPMq49817NkZL831&adsafe_url=http%3A%2F%2Fenfermagemesaude.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:6a876f37-fb40-01a3-b21d-db642fac6b91,c:4EamXO,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6f98775bcf-nhrcj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:94,fm:sXRMZI7+11%7C12%7C13%7C14%7C15*.949432-60827840%7C151%7C1521%7C153,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:0,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:114,oid:d27e50ce-914f-11ec-bb6c-764bfea30594,v:19.8.289,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

70 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
enfermagemesaude.com.br/ 16 KB
6 KB 650ms
198ms Document
text/html 104.200.21.48
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://enfermagemesaude.com.br/
Protocol: HTTP/1.1
Server: 104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li799-48.members.linode.com
Software: nginx/1.6.2 + Phusion Passenger 4.0.53 / Phusion Passenger 4.0.53
Resource Hash: 455cea1d9ad105a65b24acf22cbec531caf7383f00011959517d3e921196be0e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 200 OK
X-UA-Compatible: IE=Edge,chrome=1
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 1d14d7a821136934a46e30a2a1c83b69
X-Runtime: 0.072127
Date: Sat, 19 Feb 2022 06:47:34 GMT
X-Rack-Cache: miss
X-Powered-By: Phusion Passenger 4.0.53
Server: nginx/1.6.2 + Phusion Passenger 4.0.53
Content-Encoding: gzip

GET
H/1.1 200
OK application-9307a9f280fdce6074d8071ed72579c9.css
enfermagemesaude.com.br/assets/ 188 KB
38 KB 127ms
127ms Stylesheet
text/css 104.200.21.48
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://enfermagemesaude.com.br/assets/application-9307a9f280fdce6074d8071ed72579c9.css
Requested by: Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol: HTTP/1.1
Server: 104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li799-48.members.linode.com
Software: nginx/1.6.2 /
Resource Hash: 45b667386c04e0e6d8e79c27df8fdbe81df66ea059d95a2daf67ff9f6470f991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 06:47:34 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Jan 2021 01:38:31 GMT
Server: nginx/1.6.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK 3_medium.jpg
enfermagemesaude.com.br/system/images/19927/ 10 KB
10 KB 247ms
123ms Image
image/jpeg 104.200.21.48
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://enfermagemesaude.com.br/system/images/19927/3_medium.jpg?1615784952
Requested by: Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol: HTTP/1.1
Server: 104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li799-48.members.linode.com
Software: nginx/1.6.2 /
Resource Hash: 727aaccb9eefa71e2a06db045ccdbefb5ecc1cbd031f15b467bada6651ebb4bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 06:47:34 GMT
Last-Modified: Mon, 15 Mar 2021 05:09:12 GMT
Server: nginx/1.6.2
ETag: "604eebf8-26fb"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9979

GET
H/1.1 200
OK 4_medium.jpg
enfermagemesaude.com.br/system/images/19934/ 8 KB
8 KB 135ms
135ms Image
image/jpeg 104.200.21.48
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://enfermagemesaude.com.br/system/images/19934/4_medium.jpg?1615784989
Requested by: Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol: HTTP/1.1
Server: 104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li799-48.members.linode.com
Software: nginx/1.6.2 /
Resource Hash: 57b0cd0a966a1b87dd8947da07acba8c410324ed5af457516f6c3cd8ebf06748

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 06:47:34 GMT
Last-Modified: Mon, 15 Mar 2021 05:09:49 GMT
Server: nginx/1.6.2
ETag: "604eec1d-1ffd"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8189

GET
H/1.1 200
OK 5_medium.jpg
enfermagemesaude.com.br/system/images/19939/ 12 KB
12 KB 253ms
126ms Image
image/jpeg 104.200.21.48
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://enfermagemesaude.com.br/system/images/19939/5_medium.jpg?1615785046
Requested by: Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol: HTTP/1.1
Server: 104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li799-48.members.linode.com
Software: nginx/1.6.2 /
Resource Hash: 984c2c88c38aefec7b699a03d5bc9fb5160b2b51b997ff5da44fffe29f2b0e16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 06:47:35 GMT
Last-Modified: Mon, 15 Mar 2021 05:10:46 GMT
Server: nginx/1.6.2
ETag: "604eec56-2e50"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11856

GET
H/1.1 200
OK 2_medium.jpg
enfermagemesaude.com.br/system/images/19942/ 10 KB
10 KB 252ms
123ms Image
image/jpeg 104.200.21.48
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://enfermagemesaude.com.br/system/images/19942/2_medium.jpg?1615784873
Requested by: Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol: HTTP/1.1
Server: 104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li799-48.members.linode.com
Software: nginx/1.6.2 /
Resource Hash: 7c9cf5876c2d01a8764c2c7abf6f19f12918891e6562a44aa606b823ae1703f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 06:47:35 GMT
Last-Modified: Mon, 15 Mar 2021 05:07:53 GMT
Server: nginx/1.6.2
ETag: "604eeba9-27fc"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10236

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
53 KB 169ms
81ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a54dc9866dfd1cdf5a43c348a42f4939533300117750a983670d3ebd640bd50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 06:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53579
x-xss-protection: 0
server: cafe
etag: 250732690455148424
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 06:47:34 GMT

GET
H/1.1 200
OK application-b03045e9b70a9478bdbeb876220e05e0.js Show response
enfermagemesaude.com.br/assets/ 621 KB
226 KB 126ms
126ms Script
application/javascript 104.200.21.48
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://enfermagemesaude.com.br/assets/application-b03045e9b70a9478bdbeb876220e05e0.js
Requested by: Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol: HTTP/1.1
Server: 104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li799-48.members.linode.com
Software: nginx/1.6.2 /
Resource Hash: 00075146c3bc44a32c3e2383d047eef32d91f7dd3f38de61019bee94f3b1b2b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 06:47:34 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Jan 2021 01:38:31 GMT
Server: nginx/1.6.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 87ms
48ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bec41605f65590f408d8cf1c648de86b3d19f588dcd18e2568afccecbaf271cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 06:47:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1136 / 287 of 1000 / last-modified: 1645225613"
Vary: Accept-Encoding
Report-To: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 27551
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-gpt-scs"
Expires: Sat, 19 Feb 2022 06:47:34 GMT

GET
H/1.1 200
OK bg_deg.png
enfermagemesaude.com.br/assets/ 360 B
597 B 254ms
127ms Image
image/png 104.200.21.48
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://enfermagemesaude.com.br/assets/bg_deg.png
Requested by: Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/assets/application-9307a9f280fdce6074d8071ed72579c9.css
Protocol: HTTP/1.1
Server: 104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li799-48.members.linode.com
Software: nginx/1.6.2 /
Resource Hash: c30202a1419fd6f73df4e1fd04a39ff97a70c1dc2f2e04cf1f122d453c6c83e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/assets/application-9307a9f280fdce6074d8071ed72579c9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 06:47:35 GMT
Last-Modified: Sat, 30 Jan 2021 01:38:40 GMT
Server: nginx/1.6.2
ETag: "6014b8a0-168"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 360

GET
H/1.1 200
OK fontawesome-webfont-b692b242d25f5bc7862d7c724c6da504.woff
enfermagemesaude.com.br/assets/ 43 KB
43 KB 245ms
124ms Font
application/font-woff 104.200.21.48
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://enfermagemesaude.com.br/assets/fontawesome-webfont-b692b242d25f5bc7862d7c724c6da504.woff
Requested by: Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/assets/application-9307a9f280fdce6074d8071ed72579c9.css
Protocol: HTTP/1.1
Server: 104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li799-48.members.linode.com
Software: nginx/1.6.2 /
Resource Hash: 18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

Request headers

Referer: http://enfermagemesaude.com.br/assets/application-9307a9f280fdce6074d8071ed72579c9.css
Origin: http://enfermagemesaude.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 06:47:35 GMT
Last-Modified: Sat, 30 Jan 2021 01:38:31 GMT
Server: nginx/1.6.2
ETag: "6014b897-aa34"
Content-Type: application/font-woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43572

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

124ms
40ms

Script
text/javascript

2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/

Protocol

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2683
date: Sat, 19 Feb 2022 06:02:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 19 Feb 2022 08:02:51 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK social-icons.png
enfermagemesaude.com.br/assets/ 25 KB
25 KB 191ms
125ms Image
image/png 104.200.21.48
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://enfermagemesaude.com.br/assets/social-icons.png
Requested by: Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/assets/application-9307a9f280fdce6074d8071ed72579c9.css
Protocol: HTTP/1.1
Server: 104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li799-48.members.linode.com
Software: nginx/1.6.2 /
Resource Hash: 8e522f02f3b47b6f110d7e81a8d3b5f5879d2a37950fa279c30808cf51c6ba96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/assets/application-9307a9f280fdce6074d8071ed72579c9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 06:47:35 GMT
Last-Modified: Sat, 30 Jan 2021 01:38:40 GMT
Server: nginx/1.6.2
ETag: "6014b8a0-630f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25359

GET
H2 200 pubads_impl_2022021502.js Show response
securepubads.g.doubleclick.net/gpt/ 360 KB
121 KB 138ms
40ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021502.js?31064986

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

61daa5e10d1910c94db36832a3adb3e9bec2c60a0b584b37daea27f634f36fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 21:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123418
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 02:34:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 Feb 2023 21:16:39 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 86 B
714 B 143ms
45ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=enfermagemesaude.com.br

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a29d5bdf96440fde5bdb52364bd66fb9b755ec625d8548ce309ec0ec75bb18d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 06:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78
x-xss-protection: 0
expires: Sat, 19 Feb 2022 06:47:35 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1865033346&utmhn=enfermagemesaude.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1865033346&utmhn=enfermagemesaude.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&ut...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2607526-6&cid=1709876937.1645253255&jid=227678340&_v=5.7.2&z=1865033346

35 B
430 B

58ms
19ms

Image
image/gif

2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2607526-6&cid=1709876937.1645253255&jid=227678340&_v=5.7.2&z=1865033346

Requested by

Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/

Protocol

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 19 Feb 2022 06:47:35 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:35 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2607526-6&cid=1709876937.1645253255&jid=227678340&_v=5.7.2&z=1865033346
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 369
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/ 290 KB
104 KB 111ms
64ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3706322130769690&plah=enfermagemesaude.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cde8796cabb7b93bbcf7c8a4bd2d39b926a22d2dfbbe6a37fdafd10c5bd8f965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 06:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106772
x-xss-protection: 0
server: cafe
etag: 16804192996499609317
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 06:47:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/ Frame 6747 10 KB
5 KB 123ms
39ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sat, 19 Feb 2022 03:15:22 GMT
expires: Sat, 05 Mar 2022 03:15:22 GMT
cache-control: public, max-age=1209600
age: 12733
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 133ms
48ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=enfermagemesaude.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021502.js?31064986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 06:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 134ms
46ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=enfermagemesaude.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021502.js?31064986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 06:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 486ms
442ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3989429259373420&correlator=532478581366130&output=ldjh&impl=fif&eid=31061815%2C31064151%2C31064904%2C31064986%2C44756895&vrg=2022021502&ptt=17&sc=0&sfv=1-0-38&ecs=20220219&iu_parts=1924533%2Chome_leaderboard_top_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=23&abxe=1&dt=1645253255274&lmt=1645253255&dlt=1645253254582&idt=674&frm=20&biw=1600&bih=1200&oid=2&adxs=-30&adys=200&adks=1222635766&ucis=1&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fenfermagemesaude.com.br%2F&vis=1&scr_x=0&scr_y=0&psz=1630x20&msz=1630x0&ga_vid=1709876937.1645253255&ga_sid=1645253255&ga_hid=588990180&ga_fc=true&fws=0&ohw=0&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021502.js?31064986

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

0450586a4f99f43ca1fc3785a3511a41211adf82045c85e562f2d68c7de18b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 06:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7727
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://enfermagemesaude.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 011C 6 KB
4 KB 165ms
46ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021502.js?31064986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 19 Feb 2022 06:47:35 GMT
expires: Sun, 19 Feb 2023 06:47:35 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 227 B
655 B 135ms
48ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=enfermagemesaude.com.br&callback=_gfp_s_&client=ca-pub-3706322130769690

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3706322130769690&plah=enfermagemesaude.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8119ba2aed4561fda7b33012e130a0290ed9a4ea94e962753773e5dddee2f54e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 06:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 211
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 47ms
47ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fenfermagemesaude.com.br%2F&tn=SPAN&id=talk&cls=talk&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7EF2 603 B
68 B 107ms
61ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3706322130769690&output=html&adk=1812271804&adf=3025194257&lmt=1645253255&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fenfermagemesaude.com.br%2F&ea=0&flash=0&pra=5&wgl=1&dt=1645253255099&bpp=4&bdt=517&idt=204&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6953596408625&frm=20&pv=2&ga_vid=1709876937.1645253255&ga_sid=1645253255&ga_hid=588990180&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31060047%2C44756895&oid=2&pvsid=3989429259373420&pem=17&tmod=1573345407&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=216

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 19 Feb 2022 06:47:35 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 19 Feb 2022 06:47:35 GMT
cache-control: private

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 102ms
57ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021502&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021502.js?31064986

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d01ab1fadf140b16b9bd5088782e62e6f090cde9a5b303abb77b133d414aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 06:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9893
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 172ms
49ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021502.js?31064986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 06:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Feb 2022 06:47:35 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D982 13 KB
5 KB 87ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Feb 2022 22:42:12 GMT
expires: Sat, 18 Feb 2023 22:42:12 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 29123
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A9B4 783 B
1 KB 130ms
46ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3cc7e7ac996903a0598a8474b357a9ec86840cf436a90887a988127c25111e25

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mElmYKsLNE0Dgs/Fq8fkCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 19 Feb 2022 06:47:35 GMT
date: Sat, 19 Feb 2022 06:47:35 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-mElmYKsLNE0Dgs/Fq8fkCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8293 6 KB
3 KB 86ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021502.js?31064986

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Feb 2022 06:47:35 GMT
expires: Sun, 19 Feb 2023 06:47:35 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js Show response
pagead2.googlesyndication.com/bg/ Frame D982 35 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13529
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 20:36:45 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DD20 624 B
300 B 51ms
51ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY86jQwQEwAQ&v=APEucNVo_VcZ6xB0cTY0a_n_aOw816gca3aRxC2VpCefWSmMBAuuZYSI2V8QpdEwOeRNeD8poptz3ewKB7WBPQJ-qYsq6fpH9B2CMnbXcYcsSbTkTW1e2rQcbSYi26YdEqgjHcqx5qn2XMtKhXRaF7oubvT_b5PH6RDlns0UXi86W1gesCH7su8

Requested by

Host: 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
URL: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 19 Feb 2022 06:47:35 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 19 Feb 2022 06:47:35 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8293 86 KB
34 KB 154ms
154ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJnOaWBxxeE4-ksCMgnTySgtpFzx0N4FUhwTbu026-jIYkGp4qdOri9xp_fDpBSt2cS6rqrhkRGP3qqsZ_5YaaLHZcRw3P3vI-qnt0Zbm8nl81L-D1l_gAaIJzXjlWQZm4Cptu6TDHRXXuYRoXzXEsHOrt-Q&dbm_d=AKAmf-BCVo75HC-S8Rn7x1jHvdGNn8QSHPPlFphkSU91zzSFBbXsEltRjrHlbzhyiZfRhnuyuhZDwqRe-G4VDoeJ-udQIBUdbUKH0dAy_Uk2yUQJ2wexWncXAUpv9RFb8NR2QpfD7D9mVw7pbBM0Ubh8cfL6WexG1qvh5yQPpEQVPSinLwgQJU9xq4wJWvovhywbiNeL47DYsIEFc6cgpT0xow4eojZQKmY67RfofeIWo92qEDuKzy0IspZ94Lx4W-FEY_ijvcz5QgpySM8jIwa8nnCxLmLVP-S_XzdTyInTS9NRQB-YbiPyHS9AfBmgT-nZTJIJjoA8ag2ipQNj04VhTn4u3wl-6E7k2Fe2eSKxmzunRB4OFlwAqAoIW2-MWD-KcDOYJtACBufpqiL09zcYadYc13eW2omG7ouqsT-B7E59hSx8bJFksOTRlUHg_hOoQCGyRFOcBnrc1PAI61UGvCAyjQ74RB9DGXzNaAnQHlTgVzJDJT39D660IMAqFtmeFEEPptOtoc6LgXT216u5RjgR1jTQxCysx7QZBO4YkU1p0Jwt4z5aqgnpWDLhmGQmiCikmkGjydzSy8VqxKab7r2K93EBnJYLns-kr8SlG6rwSrdtveIqhMDMXq2R68fm0ggH60R1F1_wjO0vv2tbDilEJI5hWdqISARZTEMRC1o-Y-f4V5kD_How8b42mIsXMzH8F_6-_YbZz5t2YvCbqiokXfAZGghepnfu0TThYH2k5aFrOyyVtR5JNYjeiv-Z0ImnCpMZ4USr6kULOrolX46QwJQR3E6kgqmuDXpkHrgf02I-LLXUJdNn36A3WiOq3NHVC5Gffn6RRBtMF7AQgQmZ9xSFhrqPjSC0mlOq1lboTAema0fz5zVOmD6caGFjjU2i-YfTAp2KUwHSJCTb7RzimKyKwD7AZeE1rot1xaxZaZkVh1ysog8dg1Xy5prqrxZKk-hCRltMhrmJQIhJH8JSL5JGI5QB7OmqaRDQRImto5SJomDpyYuJoOc2zKvDbKU0oWY64v_KzPZ8B9FzPiWqmMp5qRvpgDVAVoKP5d-waDJ_fv_w9gWf6ZlI8EvXf8y3sX3u7MAgWjpDfhJVHR1tbjDKX7Ytggq_buRfjuRl5FB0PO7jqxNKS6MFE-ZKwNUc6E1EXdJAOnU9MQwv9OuLMmB5btzuZ-Fwvm4dL_xmOVvl8vsP046CzHmjzmo-Ozc2ydZrHxIIe6lK-w8EyMbYX8IKTW9GzVR-XRVMi2toWxmvaqeDNQh6yVl0tFHpHi_Eea0cIN8NJ5ABrIGsPT09UDS-aPkvX6tDgD9XlbTLWyKeYJjOshSyAt4sOKM2X9mU4sxswgiMvfOfhHjkdxwCvUYYQKhS3vDat6NZzi3cHY7uHu90J7xa8gwS41c63_LNv4NNM_oSFDE51Ln5rx8YJVZBMw91_t5yhztgMac20eY2Kmn4sjhm5IzXxCYGeCuB32yau7Uj5dBDAJbSIvpl7G12yNGLO76xJ_21Z5YVGamVHcf5fzH6p3yX1Aaug5sddbt6X7faUnLIIBS1i1yyZnb-XOMriSKVlOnp3E62cK1PhU2jWyaAeRKPcktX3IRkXHr4CY6J7c7giUTK4TqvELWdnTDh6HSnOhGa2pmZ8OyEORmk32L_eqa-1npu0Of16tQB4iCyLAg40-Cbhyz7s-gkbj6TfEN42y2WvJqhFKP_yLqo9H--MOP1o1YSBxFzIlrqFZKPvnI2GEtULU-dI9Hh6_trlfv52AVssphBJdFwx8PHk2bBOi6QulrPT52q1TU6p7lmUN-nN9PBdnQ29ElDTXbsyHCzlAgi3hRMJ9RzwsNZKhtgroOHwGZhMlAI17e0WPcAePOQDgOckxVSABesqp_IcernfIvhKmIV3eOVi9ASXasI6X1pchEr5QixIZq70k3QneYnmlJ6wY7JYI29lMT_nh-6_n1fZuJHgMS9tCGoVC2VTpgWHgiOOtCdThSpj1ln-ViqRNCI_t_zm7xyJinAvK3nO_JFph38O8T0sgb-C5ZWir6p6EobR-GiaQzJuA7yJ_qpTmtodCieRL00X_kuwNAlb4U2mlDd6xigUcirW10Ca8eP3HJI2jmnN1iKQu86MAuu3S4PlgJn2dAeOno4bPClkIppszfl1mV2KaHwnNjkMXfkXEjIv9RzJWnqu4OgCTnanOusUA3zDhWl_80Os2kP9X9dhyJCxeVlUxq_ktFE1jeyA2zaxmNhPVKubLQWXF2gQtxI_H4YJU8bdg8vPSLW4KOzkFURgnsZKyda8lf2_n-ERdceomFBuKb3hC_QDS2rUo5lNcOIatIurj6RI3BRAHefkY1TklR37fDBjRA-g_s6boAQM8htf9yC5ZKrrBBZwzRb5aAgAjFkDXLNqHmLXd65_Z0XtuAAFJBGZiUTJU57SITHQYXaSI4GpnTY3pDGj4cLRO6yXk-AAs1xKk1vG_uuSxdlzRJ2oJjgn42qJ91FnoGrQaYUlNoRLqNXBPAtep6Dl7scDn7YX6h22tz0o9wvhi6aaF2Y3U9EnHBFKttQvsMu-rcFF-Iej9a5cyudNEhPp_BPFevglObwTMNPn3aJ_kzE9Wfe4to1Z_xkBGL3EDI-vvAiO96kSSflgust4ZfWQ4xYQdZA-OWjMF6mx3pTS4brx2kZfakcWmBdGMEb0yiD4F4m3tuoT1pbRpxLYT-3e4HSbyNrM7ZK7YGSXz9iqw_r7QG4xS2U1CbSwSSLrLk2WKIlJP6SLoTlN1qwHCnYlAzIjJxielO468hyekkd3WvDav52-UceMn8yL_6TGEvwZrgC4tUM4k9vuuE6RlAnJQuEnovd_7CwlKPTJbv5shnKZ6fh7pu4ZImfLenPZCHmfqzWLn-Miiy0vDi_fmDsU_1PuoL3eGd7RuQrb8RlhXR9R-JNEXe7HUSIJo7A4s196JnGjzq-Pj7zD3_SEaHcyU53mPMruYRdP8riUue1y1jHo5mKkwEYCjQ6iUG2wgqAIuhScm25wB85xqvXPqaerU4Eh6Js53jUuCN9z0kpvMAzrcnrmOODCTCc5rfWjByEgLiJhLUgvIPzsGXeMZJwHpW5SoCVkvl_sWeV3nCbqXcgTx4t9ck&cid=CAQSLQCNIrLMuZZh7alXkS-dDv5XY8x_Grf8_vxJbhmchvT9HloArCpUgfRk0O_3Ow&rfl=1%2Chttp%253A%252F%252Fenfermagemesaude.com.br%252F%240

Requested by

Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

929c5511f09c0be4b98511dae10568172520817d3ede4c04b50bfee9fcc5b2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34577
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8293 42 B
63 B 47ms
47ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DHONcZ2XYrYG6VH13F_jmqqzItu5-Kiy2CSIoWKuFwIHpYhAcE-RYEZYD_NJADkk-LIiAGbOiM6W5web_o43_D_P-l9Apa91aaFM7CQyyyJzO_HMA

Requested by

Host: 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
URL: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 8293 2 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Host: 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
URL: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 06:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 06:09:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8293 124 KB
38 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
URL: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 06:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Feb 2022 06:47:35 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 8293 15 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
URL: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 06:44:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 06:44:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A9B4 0
0 63ms
63ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021502&jk=3989429259373420&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DD20
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIeRTg8LFVRWkROzQOZBr68&google_cver=1

43 B
1014 B

17ms
12ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIeRTg8LFVRWkROzQOZBr68&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY86jQwQEwAQ&v=APEucNVo_VcZ6xB0cTY0a_n_aOw816gca3aRxC2VpCefWSmMBAuuZYSI2V8QpdEwOeRNeD8poptz3ewKB7WBPQJ-qYsq6fpH9B2CMnbXcYcsSbTkTW1e2rQcbSYi26YdEqgjHcqx5qn2XMtKhXRaF7oubvT_b5PH6RDlns0UXi86W1gesCH7su8
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Feb 2022 06:47:36 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 19 Feb 2022 06:47:36 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIeRTg8LFVRWkROzQOZBr68&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DD20
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhCSh5ycFcg7YGCejHbIXQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIeRTg8LFVRWkROzQOZBr68&google_cver=1

43 B
894 B

14ms
14ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIeRTg8LFVRWkROzQOZBr68&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY86jQwQEwAQ&v=APEucNVo_VcZ6xB0cTY0a_n_aOw816gca3aRxC2VpCefWSmMBAuuZYSI2V8QpdEwOeRNeD8poptz3ewKB7WBPQJ-qYsq6fpH9B2CMnbXcYcsSbTkTW1e2rQcbSYi26YdEqgjHcqx5qn2XMtKhXRaF7oubvT_b5PH6RDlns0UXi86W1gesCH7su8
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Feb 2022 06:47:36 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 19 Feb 2022 06:47:36 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIeRTg8LFVRWkROzQOZBr68&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame DD20
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJuQeGtHmX5HrS-8sc2lwPs&google_cver=1

43 B
1020 B

17ms
17ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJuQeGtHmX5HrS-8sc2lwPs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY86jQwQEwAQ&v=APEucNVo_VcZ6xB0cTY0a_n_aOw816gca3aRxC2VpCefWSmMBAuuZYSI2V8QpdEwOeRNeD8poptz3ewKB7WBPQJ-qYsq6fpH9B2CMnbXcYcsSbTkTW1e2rQcbSYi26YdEqgjHcqx5qn2XMtKhXRaF7oubvT_b5PH6RDlns0UXi86W1gesCH7su8

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Feb 2022 06:47:36 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 40f82c03-0083-4709-a20e-db5b933ad64c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJuQeGtHmX5HrS-8sc2lwPs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DD20
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIyMjY4NDIyMjE4ODI2MjY4Mg%3D%3D

170 B
243 B

49ms
49ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIyMjY4NDIyMjE4ODI2MjY4Mg%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 19 Feb 2022 06:47:35 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2754fc33-58cb-4b67-a3e4-6ae43057c645
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIyMjY4NDIyMjE4ODI2MjY4Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET generate_204
tpc.googlesyndication.com/ Frame D982 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
49ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021502&jk=3989429259373420&bg=!JySlJGDNAAbf-5Dq3_s7ACkAdvg8WnB9HdC_MhcVExEa6zWTNyMWF4EgdYdMaeO65XPlripPNva0pAIAAABJUgAAAAFoAQcKAMg3Dx0T0GmdccGDCM4KG2lZN-e2bPWvY4KXosCPuEnmKTa_x1BcANxJJYFDmiBLxLo3zBJBqwY2Bnuhe1jCvEeJRwuTlFdmjQH8-wbGIOKxBxUxc0XZjvh8OPoBhOPY0QDJcDhovu14-lTgHqDMOn6pkDRNvOh1kSlrN2nUq6RHjR-ir9PfyeVbEBGJcbtam4_hcPU28cgY8ptZEdAEMkPztqjZhGMkNA4LgPbx5FvAq5m6xkHMXBlJTmz0JguZv78ymt6f04_N0ZkCvPVIqyVb9ctOQO44at8NYYb2S5_78icFjqZ5HOO4ncL0jBTqgTGlK1S_ZE9_fWZSHKBGa_s6o6Chskn807eYTVtSxHQgs5iXdMrlAbG8uxCgJXnkA7Ba9nct6JdtzlAI2wlUpRgTHQycLygA-6op07vvUgOo86yIDvglwMd2eKNwWqRjfN_lUB2KDWqTabbDVGW1vueASJ2JNIrdZAv79KUR92F0FBn3Fip57PMx9BNAazox6hBuQ7Y9m0T4RIUZZP12ZO9HzbwxX1g0FWPeJRwzGJIf1mvCAxyRBqVXyk-aGnKdkBszMEyTmnOM_uQg-haDnUFRb_leQwlig0qR1j1GewdyxbXQekrum0WwlPbi2oIt1T8FAYaxNKd3tAOLUg_KbB6y5YQj0NYzVqO7bn2DiwXPuYNm2bf5eU-NyPirOGAvCRbSmLY1jx6FG9M37PyyrcAS1ZHvziC8Jh_ilJEQx8a7uwxhsuTmDPAN1ggri1sGoYaooQq9P7xHSyVBsKEI8xOG_JXPAppk9vp8zByc-EBPjiHsxaIooMdi3_Ug0F_Jb3c-UV32V2mTkbVaW0Zhcp9XeyUx55oXfgd0KtHQWve3XTSGYBeAACQ6wSpk23QtLxkUfcEaSq2nV_IeLX6A9irL8UxOxvDIFcN_JuxT2xMyzzwLltAfa-p4OOfJp9ALgpsniqMOyDlE_Wg56Hx_98cpCs6o1DCWdMHtr5SRQ7nf1KEEKkc6EyOPIFJj6evug-wH7Aziy3Tz9Rp8gX_RVRyTLy-JDoBOwU6iQz1cfl22JlhM2Kpw6IiTyhzdW4IVZsnv5CIASgea_Xj3pGzrGflXTgZxPmRBzRzQUj-2374n3I_5uHk7LsdSqRGb87rq1hJtQwcZmsYbuBr2j364OoO15tsZUxA-SLNrHrseJEiQ0Ig9JcbJHhQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://enfermagemesaude.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/949432/60827840/ Frame 8293 47 KB
13 KB 119ms
31ms Script
application/javascript 52.18.213.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/949432/60827840/skeleton.js?ias_dspID=3&ias_campId=26650973&ias_pubId=pub-9260584092443715&ias_chanId=1&ias_placementId=16192691453&bidurl=http://enfermagemesaude.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gg-Z-bMPMq49817NkZL831
Requested by: Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.213.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-213-219.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 978f40b2e1acd7c71333b0024f64e706a7f635e18a2961a9090c1de501e0aa3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:36 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 8293 106 KB
38 KB 124ms
40ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
Origin: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 14:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Feb 2022 14:21:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/ Frame 8293 8 KB
3 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJnOaWBxxeE4-ksCMgnTySgtpFzx0N4FUhwTbu026-jIYkGp4qdOri9xp_fDpBSt2cS6rqrhkRGP3qqsZ_5YaaLHZcRw3P3vI-qnt0Zbm8nl81L-D1l_gAaIJzXjlWQZm4Cptu6TDHRXXuYRoXzXEsHOrt-Q&dbm_d=AKAmf-BCVo75HC-S8Rn7x1jHvdGNn8QSHPPlFphkSU91zzSFBbXsEltRjrHlbzhyiZfRhnuyuhZDwqRe-G4VDoeJ-udQIBUdbUKH0dAy_Uk2yUQJ2wexWncXAUpv9RFb8NR2QpfD7D9mVw7pbBM0Ubh8cfL6WexG1qvh5yQPpEQVPSinLwgQJU9xq4wJWvovhywbiNeL47DYsIEFc6cgpT0xow4eojZQKmY67RfofeIWo92qEDuKzy0IspZ94Lx4W-FEY_ijvcz5QgpySM8jIwa8nnCxLmLVP-S_XzdTyInTS9NRQB-YbiPyHS9AfBmgT-nZTJIJjoA8ag2ipQNj04VhTn4u3wl-6E7k2Fe2eSKxmzunRB4OFlwAqAoIW2-MWD-KcDOYJtACBufpqiL09zcYadYc13eW2omG7ouqsT-B7E59hSx8bJFksOTRlUHg_hOoQCGyRFOcBnrc1PAI61UGvCAyjQ74RB9DGXzNaAnQHlTgVzJDJT39D660IMAqFtmeFEEPptOtoc6LgXT216u5RjgR1jTQxCysx7QZBO4YkU1p0Jwt4z5aqgnpWDLhmGQmiCikmkGjydzSy8VqxKab7r2K93EBnJYLns-kr8SlG6rwSrdtveIqhMDMXq2R68fm0ggH60R1F1_wjO0vv2tbDilEJI5hWdqISARZTEMRC1o-Y-f4V5kD_How8b42mIsXMzH8F_6-_YbZz5t2YvCbqiokXfAZGghepnfu0TThYH2k5aFrOyyVtR5JNYjeiv-Z0ImnCpMZ4USr6kULOrolX46QwJQR3E6kgqmuDXpkHrgf02I-LLXUJdNn36A3WiOq3NHVC5Gffn6RRBtMF7AQgQmZ9xSFhrqPjSC0mlOq1lboTAema0fz5zVOmD6caGFjjU2i-YfTAp2KUwHSJCTb7RzimKyKwD7AZeE1rot1xaxZaZkVh1ysog8dg1Xy5prqrxZKk-hCRltMhrmJQIhJH8JSL5JGI5QB7OmqaRDQRImto5SJomDpyYuJoOc2zKvDbKU0oWY64v_KzPZ8B9FzPiWqmMp5qRvpgDVAVoKP5d-waDJ_fv_w9gWf6ZlI8EvXf8y3sX3u7MAgWjpDfhJVHR1tbjDKX7Ytggq_buRfjuRl5FB0PO7jqxNKS6MFE-ZKwNUc6E1EXdJAOnU9MQwv9OuLMmB5btzuZ-Fwvm4dL_xmOVvl8vsP046CzHmjzmo-Ozc2ydZrHxIIe6lK-w8EyMbYX8IKTW9GzVR-XRVMi2toWxmvaqeDNQh6yVl0tFHpHi_Eea0cIN8NJ5ABrIGsPT09UDS-aPkvX6tDgD9XlbTLWyKeYJjOshSyAt4sOKM2X9mU4sxswgiMvfOfhHjkdxwCvUYYQKhS3vDat6NZzi3cHY7uHu90J7xa8gwS41c63_LNv4NNM_oSFDE51Ln5rx8YJVZBMw91_t5yhztgMac20eY2Kmn4sjhm5IzXxCYGeCuB32yau7Uj5dBDAJbSIvpl7G12yNGLO76xJ_21Z5YVGamVHcf5fzH6p3yX1Aaug5sddbt6X7faUnLIIBS1i1yyZnb-XOMriSKVlOnp3E62cK1PhU2jWyaAeRKPcktX3IRkXHr4CY6J7c7giUTK4TqvELWdnTDh6HSnOhGa2pmZ8OyEORmk32L_eqa-1npu0Of16tQB4iCyLAg40-Cbhyz7s-gkbj6TfEN42y2WvJqhFKP_yLqo9H--MOP1o1YSBxFzIlrqFZKPvnI2GEtULU-dI9Hh6_trlfv52AVssphBJdFwx8PHk2bBOi6QulrPT52q1TU6p7lmUN-nN9PBdnQ29ElDTXbsyHCzlAgi3hRMJ9RzwsNZKhtgroOHwGZhMlAI17e0WPcAePOQDgOckxVSABesqp_IcernfIvhKmIV3eOVi9ASXasI6X1pchEr5QixIZq70k3QneYnmlJ6wY7JYI29lMT_nh-6_n1fZuJHgMS9tCGoVC2VTpgWHgiOOtCdThSpj1ln-ViqRNCI_t_zm7xyJinAvK3nO_JFph38O8T0sgb-C5ZWir6p6EobR-GiaQzJuA7yJ_qpTmtodCieRL00X_kuwNAlb4U2mlDd6xigUcirW10Ca8eP3HJI2jmnN1iKQu86MAuu3S4PlgJn2dAeOno4bPClkIppszfl1mV2KaHwnNjkMXfkXEjIv9RzJWnqu4OgCTnanOusUA3zDhWl_80Os2kP9X9dhyJCxeVlUxq_ktFE1jeyA2zaxmNhPVKubLQWXF2gQtxI_H4YJU8bdg8vPSLW4KOzkFURgnsZKyda8lf2_n-ERdceomFBuKb3hC_QDS2rUo5lNcOIatIurj6RI3BRAHefkY1TklR37fDBjRA-g_s6boAQM8htf9yC5ZKrrBBZwzRb5aAgAjFkDXLNqHmLXd65_Z0XtuAAFJBGZiUTJU57SITHQYXaSI4GpnTY3pDGj4cLRO6yXk-AAs1xKk1vG_uuSxdlzRJ2oJjgn42qJ91FnoGrQaYUlNoRLqNXBPAtep6Dl7scDn7YX6h22tz0o9wvhi6aaF2Y3U9EnHBFKttQvsMu-rcFF-Iej9a5cyudNEhPp_BPFevglObwTMNPn3aJ_kzE9Wfe4to1Z_xkBGL3EDI-vvAiO96kSSflgust4ZfWQ4xYQdZA-OWjMF6mx3pTS4brx2kZfakcWmBdGMEb0yiD4F4m3tuoT1pbRpxLYT-3e4HSbyNrM7ZK7YGSXz9iqw_r7QG4xS2U1CbSwSSLrLk2WKIlJP6SLoTlN1qwHCnYlAzIjJxielO468hyekkd3WvDav52-UceMn8yL_6TGEvwZrgC4tUM4k9vuuE6RlAnJQuEnovd_7CwlKPTJbv5shnKZ6fh7pu4ZImfLenPZCHmfqzWLn-Miiy0vDi_fmDsU_1PuoL3eGd7RuQrb8RlhXR9R-JNEXe7HUSIJo7A4s196JnGjzq-Pj7zD3_SEaHcyU53mPMruYRdP8riUue1y1jHo5mKkwEYCjQ6iUG2wgqAIuhScm25wB85xqvXPqaerU4Eh6Js53jUuCN9z0kpvMAzrcnrmOODCTCc5rfWjByEgLiJhLUgvIPzsGXeMZJwHpW5SoCVkvl_sWeV3nCbqXcgTx4t9ck&cid=CAQSLQCNIrLMuZZh7alXkS-dDv5XY8x_Grf8_vxJbhmchvT9HloArCpUgfRk0O_3Ow&rfl=1%2Chttp%253A%252F%252Fenfermagemesaude.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 06:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 06:38:36 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 8293 25 KB
9 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 06:43:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9648
x-xss-protection: 0
server: cafe
etag: 2224892065184813991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 06:43:32 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8293 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
URL: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 15:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140734
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Feb 2023 15:42:02 GMT

GET
DATA 200
OK truncated
/ Frame 8293 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d67e0a8bb390deedc6f70dd2a536efd73f9340af4c66b36458f940d1c209bd4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1CEA 22 KB
8 KB 42ms
42ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Feb 2022 19:08:42 GMT
expires: Wed, 15 Feb 2023 19:08:42 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 301134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 main.gr.19.8.289.js Show response
static.adsafeprotected.com/ Frame 8293 189 KB
60 KB 53ms
11ms Script
application/javascript 2600:9000:224a:7200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.289.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/949432/60827840/skeleton.js?ias_dspID=3&ias_campId=26650973&ias_pubId=pub-9260584092443715&ias_chanId=1&ias_placementId=16192691453&bidurl=http://enfermagemesaude.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gg-Z-bMPMq49817NkZL831
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:07:10 GMT
content-encoding: gzip
age: 308427
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Feb 2022 16:52:16 GMT
server: AmazonS3
etag: W/"e894d9dd87d5e06b21396e04a0c29127"
vary: Accept-Encoding
x-amz-version-id: QoliWv7Zm09sOtt_1ftKxG1EPIuNscaU
via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: rXBN7I2e-GaAgHiTHB61vBdYijCHfO4jcvz6qrjtMQp_SdeGz6Ln6A==

GET
H3 200 RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js Show response
pagead2.googlesyndication.com/bg/ Frame 1CEA 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13529
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 20:36:45 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14739093593110180362/ Frame 36B1 6 KB
2 KB 92ms
43ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14739093593110180362/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

840240c9b085fd1fa0af44b59ca611bb11a5738f83ae5bdb6d32c47e36f702f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 2299
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Tue, 15 Feb 2022 14:24:58 GMT
expires: Wed, 15 Feb 2023 14:24:58 GMT
cache-control: public, max-age=31536000
age: 318158
last-modified: Mon, 31 Jan 2022 14:31:28 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8293 0
571 B 175ms
71ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvi5GfGTeOoKyM3oChNVLfZBne14nmyjGIarGefxvoEa_9I8boDjArXtWgCzCUcpkUACvzALKhxSTN-9lUO1kXWibV8iKsQNskRmrH8AI9Mud3Dw7Zwm-yagSQQLf7gM18JtLAsou2bfgt9pprv_VK0plHlSxr_yMWGFZOYPoqucr68XtNuDIixSETU0QJYFi07zMm-vXHN8UV0M2WWf0cs85FpjGFaCtdwUDT1aCsblsWqWzqSkn5SqSGSE-li_quegBNLo5BHFdaVvOWwmHJDUe1khrsPTVUC-2QsID4BEcZ2lKA7nz6kGcesRb0bsGAbKMp-OUQyyZZr_xu0lsgqX71nV1711RBp7tBhJTpwAUlP_mSZz_OBN5Uk7FfJKD1kGX05pV2kYDhaTW47vDPrHq_Z1T45Djfg5-NIXTgUTmu3CDos0mdUR5vCLk57gZFk-Qpz_wQ3c3TOW2Z0gUpsKfwBAHjyuP-fu45SIWoLj63l__k-PBL5XsutnFx-WyyThK6fvAZe_xIlP-WKw_0ndWM_id-J-ufgp_kx8soCIMK-Jt0pGpsOPD5QvYHui0DiTuoFip7MQaks2PYk1UP_p76LHmBXkHXfSyt8z643H-CmgXpdbPi3ktsBuAyDysYqMlhvmPQ_5fIhVKJqs0dIPhQ9yug7u7lk8-vZkujC7XKntAZhsZA-YXUA0IvzM-f3y2iifg9HIBpu8Kquw3W6AsBx1y21Da97X-RysgGl4wiXXplRU-wX2Cl-Q7PZZPdHqP62JaQr6YIMqvoajXutYOU33tI-HUlh6_gVVSfWdCIeWFLqBo76lRohLfdx2Xf8LslhJ9bK1gUD-pZsGwqu_MiQwtjo7aw8rZU3Wjx4VHDlfCvJKlmWZeZp8Dd7o7hwPZ7odwlX0gDzJ0CrvSPmkkQtIyeQoXYOndxAGqm3fKzXccacZcjvZ1LsdEzp2IFeipTqKCBsu-2IVfLb3tB_OKuhDvmImlMwa2MIbYMD9ZST4yr2wArejhqkWQ6OOjpqkL3LtMwhZJNGpaYWGf8PJycl1eM2SPDo_-It0g16wjVe5RttlEYGe8lBgvjHJ_KU2JrH5nkRDcnONx9PpnZE457YTdXb3fvN3jnLHpSxgNJT3567_DR_gNIBuivyWmlI2r8il1p3rt_ICnLmIknjmXoOEmm32N0ou4d46TR3CbZ2qLVd_ewaNhyqoKMQTeuWzBkjvTuN&sai=AMfl-YQGsmt2Erh8JEj6Mraih-85O74iipams-F_Ooqtl8reR_Mr4_gKvGS3Nbn3svJ_GdkyIjNaF6gLLocedygJdm6XXwskJeeaWboqqC8OPRZ7UX7wNSzXv3x_ahNXV38oYi8EqCOmA_IHYoVEvaN34mBiTXMsSrCAfenH3i9Up3gvsQFA9tFvX9PvE8_dTB1WaRifpZmF0bIXh-qxxzF0qHav11er9CwoLOYZIQ&sig=Cg0ArKJSzMNC4XMsnz6lEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=181&cbvp=1&cstd=178&cisv=r20220216.11032&adurl=

Requested by

Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 19 Feb 2022 06:47:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 8293
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/949432/60827840/skeleton.js?ias_dspID=3&ias_campId=26650973&ias_pubId=pub-9260584092443715&ias_chanId=1&ias_placementId=16192691453&bidurl=http://enfermagemesa...
https://static.adsafeprotected.com/skeleton.js

17 B
464 B

12ms
11ms

Script
application/javascript

2600:9000:224a:7200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
URL: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:224a:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
age: 19606300
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: ndYtigb3pFGN_ISQvyrRxr2t-mxQmpRe_noAiJuyf3_XOW4m2cU7yA==

Redirect headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:36 GMT
x-server-name: app08.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 006C 80 KB
21 KB 11ms
11ms Script
application/javascript 2600:9000:224a:7200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
URL: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 15:56:46 GMT
content-encoding: gzip
age: 2127051
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: i8Rn85GxmblFpIHkRwTgGfbVI3mitv1U_4HqaHaNmzy8StEwwFRaYQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8293 43 B
215 B 359ms
101ms Image
image/gif 34.206.96.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=6a876f37-fb40-01a3-b21d-db642fac6b91&tv=%7Bc:4EamYa,pingTime:-3,time:135,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:113%7D%5D,es:0,sc:1,ha:1,fgad:0,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:135,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:113,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sXRMZI7+11%7C12%7C13%7C14%7C15*.949432-60827840%7C151%7C1521%7C153,idMap:15*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Requested by: Host: 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
URL: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.96.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-96-78.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:36 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8293 43 B
216 B 357ms
101ms Image
image/gif 34.206.96.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=6a876f37-fb40-01a3-b21d-db642fac6b91&tv=%7Bc:4EamYb,pingTime:-6,time:136,type:i,es:0,sc:1,ha:1,fgad:0,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:136,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:113,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sXRMZI7+11%7C12%7C13%7C14%7C15*.949432-60827840%7C151%7C1521%7C153,idMap:15*,rmeas:1,rend:0,renddet:DIV%7D&tpiLookup=ao:enfermagemesaude.com.br&br=c
Requested by: Host: 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
URL: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.96.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-96-78.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:36 GMT
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8293 43 B
215 B 341ms
102ms Image
image/gif 34.206.96.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=6a876f37-fb40-01a3-b21d-db642fac6b91&tv=%7Bc:4EamYt,pingTime:-2,time:154,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:433,beZ:434,mfA:526,cmA:527,inA:528,inZ:533,prA:533,prZ:540,si:546,poA:547,poZ:558,cmZ:558,mfZ:558,loA:568,loZ:570,ltA:586,ltZ:586%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:113%7D%5D,es:0,sc:1,ha:1,fgad:0,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:113,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B56~0%5D,as:%5B56~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sXRMZI7+11%7C12%7C13%7C14%7C15*.949432-60827840%7C151%7C1521%7C153,idMap:15*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,sinceFw:39,readyFired:true%7D&br=c
Requested by: Host: 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
URL: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.96.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-96-78.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:36 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 36B1 236 KB
63 KB 59ms
17ms Script
text/javascript 2a02:26f0:f7::5c7b:e051
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14739093593110180362/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e051 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 06:47:36 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Sat, 19 Feb 2022 07:02:36 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/14739093593110180362/ Frame 36B1 50 KB
8 KB 40ms
40ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14739093593110180362/index.js?1643623536959

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14739093593110180362/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f50409f4741fa3ffde6255b8925241af0836698d80e9c31c1eed0934347eea8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14739093593110180362/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7656
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 14:31:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Feb 2023 14:24:58 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CEA 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoDNGh5IQYp-vN4SE3gOokLWQAwAAAAA4AeAEAg&bg=!mpmlmd3NAAbf-5Dq3_s7ACkAdvg8WtS2YHVzUvaeGf-dlKI0i3SZMydORPndFDv5WZdBHV_s91DLugIAAACCUgAAAAJoAQcKAHPlDlEVJuhZ2FiwaO4lEx6NtPLhqmfiXV3EGKGb4yL0n1ABsPRs19c1ezVoxS-d0PgHZXybb0XHOjgUFGtQKK0D6kOSrkVa87t6kdjLclHEaFZ0arfkWcyed1LFxmr8z2d9DBD8gThL9D8zgFNiiQKf3xWPmQMbECd0-Li7udry8rYviAewUUhnTVPeI6WM4A-ye8bUT-NZtUtd7_WOzQ1O_UJCxDWpSPbf0lk89J-TjCtC5IhhFw735ObG-dOYxYLvb7-_sx02X6uQfJOI4-rAO-RSSqjIthk0YksgK0RDTNnmdavMVcNkt3kLf8plBjbloaIwGeDbDvyk2Ny3VtEt3iNWfkWPP5buFfvNGFTlznPprjKNXRCaY6LjPgDmmDiEWmXyxISLPssQnuiSCNE5Kvp_43ryjDpBaaV2f8ijfTB3oFIJJItSB1p-ifYgOtmsMm8p2aCc6DAylmOkiMqaYdXfaNQCXn7Vcq6Oyu5KzShA_dYctf5IVrJEJggMbvrBGpK03ZyiiShPXsgQ92-MfBnlD1HDYQgKsrSCBMyk2k883nraKaor3Et_Vump-3zKMY_z1uNmvBq4gVtmW4STG69sf72i5pUUCCEni-gyiScFCW92Mg9TZ6_imhQbRbti6YNy3aIEjnIWiEzzAAZw5bJ2JdIuOYw4QAcvQO5cxCztdeqtUFPftc5msyBx_YOoaG45cx_wRJK0EA564LO9wWVLD2ih4uji_qktJH2BWzayRv1qIVfywohvVVrcBXtSwG4FcTcjgTWxtgAA_ZGsQHx-nqb4l4ZKclnXC09WK9Mfwf3e1wDDro37h7lSw2nznxvwlNqTeNCAg8ChqGAgEAmwVhIBL3jKHkYlaUMswnW-685KfHUkXBCsCIwKZeiTCPY40IIqeRTpXtxDeLT2Xe6hdCmfyVVu7D0E-HKvEDc_MTPfgASbSqi1gnGq-Kf98czi0j73exkXtuQH3FxA1mum9hqfsrKwtzFo8lBJOPJjbBPto63mrV5AqccQV_CDfhIC5L3OVySFOcANx4aWRgDfIFn1fseB5isTIdLBH-2qoPhJjXFd6rpmIb-2Yhr7h71m5nbeqXzjy3w58rm0HdQ4aT09KFHowist5oRm6TzBghVwoklC8XTZXacsN7DqKz9MYKWbLZcFo0e_wlGsc_fkLaNP0MPDlvyyax_LPHWBhXDgNxeYBAdt7qUbpcvO

Requested by

Host: 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
URL: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index_atlas_1.png
s0.2mdn.net/sadbundle/14739093593110180362/images/ Frame 36B1 150 KB
150 KB 66ms
66ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14739093593110180362/images/index_atlas_1.png?1643623536910

Requested by

Host: 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
URL: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aac7cd6291246b8cecdf86ffaedda9f0c8c066938ad5e1b09a86acc8dd2b76f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14739093593110180362/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:24:58 GMT
x-content-type-options: nosniff
age: 318158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154039
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 14:31:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Feb 2023 14:24:58 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8293 0
23 B 136ms
65ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 06:47:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8293 43 B
215 B 101ms
100ms Image
image/gif 34.206.96.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=6a876f37-fb40-01a3-b21d-db642fac6b91&tv=%7Bc:4Ean2Z,pingTime:-10,time:434,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguODAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1645253256644%7C%7Cea14effcca3153354e99cade034a923a%7C%7C920bd99aa4265c459f442b819dba176b%7C%7C6548bae659da20643fb5d1511bb77d54%7C%7C41215d1734c105f458161a880d79b60e%7C%7C827c128f2244807c0cbab223148f6daf%7C%7C38dda8bea9e2c7706c23a888daae619c%7C%7C2e1e8c4325f8a55e04cc26abe8d66211%7C%7C1629390669%7D
Requested by: Host: 092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
URL: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.96.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-96-78.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:36 GMT
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8293 42 B
64 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmBJVjrExGmeO3wx6gieLuRZGQTjeYP2I_YFyutkibI9xvtLhbjvvV4bhe5xA30NpZuEoc914ifX1f-lS0qpS7ZQtCg_JQ7nFKL_NcImBwC7BwWotf7Q&sai=AMfl-YQLNXzTkt1JlwLScRZjwhi1TgdBy6EBk7QlxWJGmWuS9DwmLl9WuA7kKIDvXTxh_-2QCZriWDh1_2aPFy74SImOzoBuzLswnK6K3p9v&sig=Cg0ArKJSzOvOsEARsrhBEAE&cid=CAQSLQCNIrLMuZZh7alXkS-dDv5XY8x_Grf8_vxJbhmchvT9HloArCpUgfRk0O_3Ow&id=lidar2&mcvt=1000&p=200,421,290,1149&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1222635766&rs=4&la=0&cr=0&vs=4&r=v&rst=1645253255779&rpt=354&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8293 43 B
215 B 101ms
100ms Image
image/gif 34.206.96.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=6a876f37-fb40-01a3-b21d-db642fac6b91&tv=%7Bc:4EaneC,time:1155,type:e,im:%7Bpci:%7Btdr:1005%7D%7D,es:0,sc:1,ha:1,fgad:0,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1,o:1154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:113,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1056~0,1~100%5D,as:%5B1057~728.90%5D%7D%7D,%7Bsl:i,t:1154,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:102,fm:sXRMZI7+11%7C12%7C13%7C14%7C15*.949432-60827840%7C151%7C1521%7C153,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.96.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-96-78.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:37 GMT
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8293 43 B
215 B 101ms
101ms Image
image/gif 34.206.96.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=6a876f37-fb40-01a3-b21d-db642fac6b91&tv=%7Bc:4EanuK,pingTime:1,time:2155,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:113%7D,%7Bpiv:100,vs:i,r:,t:1154%7D%5D,es:0,sc:1,ha:1,fgad:0,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:113,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1056~0,1~100%5D,as:%5B1057~728.90%5D%7D%7D,%7Bsl:i,t:1154,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:102,fm:sXRMZI7+11%7C12%7C13%7C14%7C15*.949432-60827840%7C151%7C1521%7C153,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.96.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-96-78.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:38 GMT
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8293 43 B
215 B 102ms
101ms Image
image/gif 34.206.96.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=6a876f37-fb40-01a3-b21d-db642fac6b91&tv=%7Bc:4EanuK,pingTime:1,time:2155,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:113%7D,%7Bpiv:100,vs:i,r:,t:1154%7D%5D,es:0,sc:1,ha:1,fgad:0,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:113,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1056~0,1~100%5D,as:%5B1057~728.90%5D%7D%7D,%7Bsl:i,t:1154,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:102,fm:sXRMZI7+11%7C12%7C13%7C14%7C15*.949432-60827840%7C151%7C1521%7C153,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.96.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-96-78.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:38 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8293 43 B
215 B 102ms
101ms Image
image/gif 34.206.96.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=6a876f37-fb40-01a3-b21d-db642fac6b91&tv=%7Bc:4EanuL,pingTime:1,time:2156,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:113%7D,%7Bpiv:100,vs:i,r:,t:1154%7D%5D,es:0,sc:1,ha:1,fgad:0,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:113,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1056~0,1~100%5D,as:%5B1057~728.90%5D%7D%7D,%7Bsl:i,t:1154,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:102,fm:sXRMZI7+11%7C12%7C13%7C14%7C15*.949432-60827840%7C151%7C1521%7C153,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.96.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-96-78.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 06:47:38 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?g9QTLQ

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
enfermagemesaude.com.br/	1969-12-31 23:59:59	Name: _enfermeiros_session Value: BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJThlMTUyY2UzMjM5NTRjMmU5NmJiM2UxMzRiZjNmODI1BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTFVeVE2ckFMNnlWM1pkRmJML01HUUw3ZGRUTTdxdkdvRExFSGxUUWUxUFk9BjsARg%3D%3D--a2cdaa497d36cca2b987afb69e99f990061d54a5
.enfermagemesaude.com.br/	1970-01-20 18:32:05	Name: __utma Value: 102847188.1709876937.1645253255.1645253255.1645253255.1
.enfermagemesaude.com.br/	1969-12-31 23:59:59	Name: __utmc Value: 102847188
.enfermagemesaude.com.br/	1970-01-20 05:23:41	Name: __utmz Value: 102847188.1645253255.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.enfermagemesaude.com.br/	1970-01-20 01:00:53	Name: __utmt Value: 1
.enfermagemesaude.com.br/	1970-01-20 01:00:55	Name: __utmb Value: 102847188.1.10.1645253255
.enfermagemesaude.com.br/	1970-01-20 10:22:29	Name: __gads Value: ID=14d3c290fa8da3bc:T=1645253255:S=ALNI_MaXvmCOTVhHW8EQ_mDErRg5Nc4a_Q
.adnxs.com/	1970-01-20 03:10:29	Name: uuid2 Value: 7222684222188262682
.casalemedia.com/	1970-01-20 09:46:29	Name: CMID Value: YhCSh5ycFcg7YGCejHbIXQAA
.casalemedia.com/	1970-01-20 03:10:29	Name: CMPS Value: 3274
.casalemedia.com/	1970-01-20 03:10:29	Name: CMPRO Value: 1121
.casalemedia.com/	1970-01-20 01:02:19	Name: CMST Value: YhCSiGIQkogA
.casalemedia.com/	1970-01-20 09:46:29	Name: CMRUM3 Value: 2d621092882760CAESEIeRTg8LFVRWkROzQOZBr68
.adnxs.com/	1970-01-20 03:10:29	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaS[g!C:!1yIE`fS1ueD1W-044)d+]Uem+SXjwnkT3lq?<:xGNlY@T_([#2G?0)hnh98P(hw9P-HC_#tsw>)ix'c
.doubleclick.net/	1970-01-20 10:22:29	Name: IDE Value: AHWqTUkcwnUTBc5zE1laOOK29vxF9aorcitjDhbhS-T_VaNXwNG2UY09fAeMR2IkTy0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

092581f72b0884ede8a73d9dbd2affc4.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cm.g.doubleclick.net
code.createjs.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
enfermagemesaude.com.br
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
tpc.googlesyndication.com
104.200.21.48
142.250.184.226
142.250.186.34
172.217.18.98
2.21.141.232
2600:9000:224a:7200:8:48e:53c0:93a1
2a00:1450:4001:808::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:813::2004
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:400c:c06::9c
2a02:26f0:f7::5c7b:e051
34.206.96.78
37.252.172.250
52.18.213.219
00075146c3bc44a32c3e2383d047eef32d91f7dd3f38de61019bee94f3b1b2b9
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0450586a4f99f43ca1fc3785a3511a41211adf82045c85e562f2d68c7de18b09
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
3cc7e7ac996903a0598a8474b357a9ec86840cf436a90887a988127c25111e25
4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc
455cea1d9ad105a65b24acf22cbec531caf7383f00011959517d3e921196be0e
45b667386c04e0e6d8e79c27df8fdbe81df66ea059d95a2daf67ff9f6470f991
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57b0cd0a966a1b87dd8947da07acba8c410324ed5af457516f6c3cd8ebf06748
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61daa5e10d1910c94db36832a3adb3e9bec2c60a0b584b37daea27f634f36fd0
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6a54dc9866dfd1cdf5a43c348a42f4939533300117750a983670d3ebd640bd50
727aaccb9eefa71e2a06db045ccdbefb5ecc1cbd031f15b467bada6651ebb4bb
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
7c9cf5876c2d01a8764c2c7abf6f19f12918891e6562a44aa606b823ae1703f0
8119ba2aed4561fda7b33012e130a0290ed9a4ea94e962753773e5dddee2f54e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840240c9b085fd1fa0af44b59ca611bb11a5738f83ae5bdb6d32c47e36f702f9
86d01ab1fadf140b16b9bd5088782e62e6f090cde9a5b303abb77b133d414aee
8e522f02f3b47b6f110d7e81a8d3b5f5879d2a37950fa279c30808cf51c6ba96
929c5511f09c0be4b98511dae10568172520817d3ede4c04b50bfee9fcc5b2ba
978f40b2e1acd7c71333b0024f64e706a7f635e18a2961a9090c1de501e0aa3a
984c2c88c38aefec7b699a03d5bc9fb5160b2b51b997ff5da44fffe29f2b0e16
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a29d5bdf96440fde5bdb52364bd66fb9b755ec625d8548ce309ec0ec75bb18d3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aac7cd6291246b8cecdf86ffaedda9f0c8c066938ad5e1b09a86acc8dd2b76f7
b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bec41605f65590f408d8cf1c648de86b3d19f588dcd18e2568afccecbaf271cc
c30202a1419fd6f73df4e1fd04a39ff97a70c1dc2f2e04cf1f122d453c6c83e3
cde8796cabb7b93bbcf7c8a4bd2d39b926a22d2dfbbe6a37fdafd10c5bd8f965
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
d67e0a8bb390deedc6f70dd2a536efd73f9340af4c66b36458f940d1c209bd4d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50409f4741fa3ffde6255b8925241af0836698d80e9c31c1eed0934347eea8b

enfermagemesaude.com.br Open in urlscan Pro 104.200.21.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

70 Requests

73 %HTTPS

58 %IPv6

13 Domains

22 Subdomains

20 IPs

4 Countries

1250 kBTransfer

3199 kBSize

15 Cookies

3 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

enfermagemesaude.com.br Open in urlscan Pro
104.200.21.48 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

73 %
HTTPS

58 %
IPv6

13
Domains

22
Subdomains

20
IPs

4
Countries

1250 kB
Transfer

3199 kB
Size

15
Cookies

70 HTTP transactions
1 data transactions