urlscan.io logo urlscan.io
SecurityTrails logo

enfermagemesaude.com.br Open in urlscan Pro
104.200.21.48  Public Scan

Go To Rescan Add Verdict Report
URL: http://enfermagemesaude.com.br/
Submission Tags: falconsandbox
Submission: On April 30 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 10 domains to perform 50 HTTP transactions. The main IP is 104.200.21.48, located in Richardson, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is enfermagemesaude.com.br.
This is the only time enfermagemesaude.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    104.200.21.48 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li799-48.members.linode.com
enfermagemesaude.com.br
7    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com
13    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
enfermagemesaude.com.br
c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
10 enfermagemesaude.com.br enfermagemesaude.com.br
7 pagead2.googlesyndication.com enfermagemesaude.com.br
pagead2.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
enfermagemesaude.com.br
3 www.googletagservices.com enfermagemesaude.com.br
pagead2.googlesyndication.com
c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google-analytics.com 1 redirects enfermagemesaude.com.br
1 s0.2mdn.net tpc.googlesyndication.com
1 ajax.googleapis.com tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 stats.g.doubleclick.net enfermagemesaude.com.br
50 15

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh

This page contains 8 frames:

Primary Page: http://enfermagemesaude.com.br/
Frame ID: D119BC12C15F0192FC025FC6381824B0
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html
Frame ID: EBF87506273FBB241BF01AABD791E0CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3706322130769690&output=html&adk=1812271804&adf=3025194257&lmt=1619781715&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fenfermagemesaude.com.br%2F&ea=0&flash=0&pra=5&wgl=1&dt=1619781715073&bpp=30&bdt=596&idt=484&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1951148552236&frm=20&pv=2&ga_vid=117077035.1619781715&ga_sid=1619781715&ga_hid=1504359299&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060839&oid=3&pvsid=1940487215090454&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=511
Frame ID: 345E80C12A6F79AF12F2B5895FE8BD19
Requests: 1 HTTP requests in this frame

Frame: https://c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9CD6EF2A8E5A758F1DEE719371E87A20
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html
Frame ID: C572D46F2F60087D3C8801014DCCFB8A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 5A4879FFA7B860EF63E9E15E52E49A84
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: D954B70C250D1D8545CC5CFB47745F20
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E26A4AA17B977DE90CFFD20CB1DB464A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /Phusion Passenger ([\d.]+)/i

Page Statistics

50
Requests

76 %
HTTPS

87 %
IPv6

10
Domains

15
Subdomains

16
IPs

3
Countries

966 kB
Transfer

2394 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 15
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1398192691&utmhn=enfermagemesaude.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Enfermagem%20e%20Sa%C3%BAde%20-%20Not%C3%ADcias%2C%20Eventos%2C%20Concursos%2C%20Quest%C3%B5es%20de%20Concursos&utmhid=1504359299&utmr=-&utmp=%2F&utmht=1619781715188&utmac=UA-2607526-6&utmcc=__utma%3D102847188.117077035.1619781715.1619781715.1619781715.1%3B%2B__utmz%3D102847188.1619781715.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=320189341&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1398192691&utmhn=enfermagemesaude.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Enfermagem%20e%20Sa%C3%BAde%20-%20Not%C3%ADcias%2C%20Eventos%2C%20Concursos%2C%20Quest%C3%B5es%20de%20Concursos&utmhid=1504359299&utmr=-&utmp=%2F&utmht=1619781715188&utmac=UA-2607526-6&utmcc=__utma%3D102847188.117077035.1619781715.1619781715.1619781715.1%3B%2B__utmz%3D102847188.1619781715.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=320189341&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2607526-6&cid=117077035.1619781715&jid=320189341&_v=5.7.2&z=1398192691
Request Chain 43
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
enfermagemesaude.com.br/ 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://enfermagemesaude.com.br/
Protocol
HTTP/1.1
Server
104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li799-48.members.linode.com
Software
nginx/1.6.2 + Phusion Passenger 4.0.53 / Phusion Passenger 4.0.53
Resource Hash
4982cf1123e9b77aba9430634c4e368f64eacfd861356abca96c496b8c6084b2

Request headers

Host
enfermagemesaude.com.br
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Status
200 OK
X-UA-Compatible
IE=Edge,chrome=1
Cache-Control
max-age=0, private, must-revalidate
Set-Cookie
_enfermeiros_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTY5MDMzMGE5ZjM3MjMwMzFlMTNkNTQzYjk1YjE4M2FmBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMUgvSTlWUW8yOXNVM2dsRmtwcmQranlxaDNhWUs5L09JcFdaVk5XZi90MEU9BjsARg%3D%3D--e1ba44dd0eeb4f15504e4c3eb4b5e4a00bb82fc2; path=/; HttpOnly
X-Request-Id
c8c8a8193564a209cbc20ae34750d775
X-Runtime
0.054895
Date
Fri, 30 Apr 2021 11:21:54 GMT
X-Rack-Cache
miss
X-Powered-By
Phusion Passenger 4.0.53
Server
nginx/1.6.2 + Phusion Passenger 4.0.53
Content-Encoding
gzip
application-9307a9f280fdce6074d8071ed72579c9.css
enfermagemesaude.com.br/assets/ 		188 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://enfermagemesaude.com.br/assets/application-9307a9f280fdce6074d8071ed72579c9.css
Requested by
Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol
HTTP/1.1
Server
104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li799-48.members.linode.com
Software
nginx/1.6.2 /
Resource Hash
45b667386c04e0e6d8e79c27df8fdbe81df66ea059d95a2daf67ff9f6470f991

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
enfermagemesaude.com.br
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://enfermagemesaude.com.br/
Cookie
_enfermeiros_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTY5MDMzMGE5ZjM3MjMwMzFlMTNkNTQzYjk1YjE4M2FmBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMUgvSTlWUW8yOXNVM2dsRmtwcmQranlxaDNhWUs5L09JcFdaVk5XZi90MEU9BjsARg%3D%3D--e1ba44dd0eeb4f15504e4c3eb4b5e4a00bb82fc2
Connection
keep-alive
Cache-Control
no-cache
Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Apr 2021 11:21:54 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Jan 2021 01:38:31 GMT
Server
nginx/1.6.2
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/css
3_medium.jpg
enfermagemesaude.com.br/system/images/19927/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://enfermagemesaude.com.br/system/images/19927/3_medium.jpg?1615784952
Requested by
Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol
HTTP/1.1
Server
104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li799-48.members.linode.com
Software
nginx/1.6.2 /
Resource Hash
727aaccb9eefa71e2a06db045ccdbefb5ecc1cbd031f15b467bada6651ebb4bb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
enfermagemesaude.com.br
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://enfermagemesaude.com.br/
Cookie
_enfermeiros_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTY5MDMzMGE5ZjM3MjMwMzFlMTNkNTQzYjk1YjE4M2FmBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMUgvSTlWUW8yOXNVM2dsRmtwcmQranlxaDNhWUs5L09JcFdaVk5XZi90MEU9BjsARg%3D%3D--e1ba44dd0eeb4f15504e4c3eb4b5e4a00bb82fc2
Connection
keep-alive
Cache-Control
no-cache
Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Apr 2021 11:21:54 GMT
Last-Modified
Mon, 15 Mar 2021 05:09:12 GMT
Server
nginx/1.6.2
ETag
"604eebf8-26fb"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9979
4_medium.jpg
enfermagemesaude.com.br/system/images/19934/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://enfermagemesaude.com.br/system/images/19934/4_medium.jpg?1615784989
Requested by
Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol
HTTP/1.1
Server
104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li799-48.members.linode.com
Software
nginx/1.6.2 /
Resource Hash
57b0cd0a966a1b87dd8947da07acba8c410324ed5af457516f6c3cd8ebf06748

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
enfermagemesaude.com.br
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://enfermagemesaude.com.br/
Cookie
_enfermeiros_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTY5MDMzMGE5ZjM3MjMwMzFlMTNkNTQzYjk1YjE4M2FmBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMUgvSTlWUW8yOXNVM2dsRmtwcmQranlxaDNhWUs5L09JcFdaVk5XZi90MEU9BjsARg%3D%3D--e1ba44dd0eeb4f15504e4c3eb4b5e4a00bb82fc2
Connection
keep-alive
Cache-Control
no-cache
Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Apr 2021 11:21:54 GMT
Last-Modified
Mon, 15 Mar 2021 05:09:49 GMT
Server
nginx/1.6.2
ETag
"604eec1d-1ffd"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8189
5_medium.jpg
enfermagemesaude.com.br/system/images/19939/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://enfermagemesaude.com.br/system/images/19939/5_medium.jpg?1615785046
Requested by
Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol
HTTP/1.1
Server
104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li799-48.members.linode.com
Software
nginx/1.6.2 /
Resource Hash
984c2c88c38aefec7b699a03d5bc9fb5160b2b51b997ff5da44fffe29f2b0e16

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
enfermagemesaude.com.br
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://enfermagemesaude.com.br/
Cookie
_enfermeiros_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTY5MDMzMGE5ZjM3MjMwMzFlMTNkNTQzYjk1YjE4M2FmBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMUgvSTlWUW8yOXNVM2dsRmtwcmQranlxaDNhWUs5L09JcFdaVk5XZi90MEU9BjsARg%3D%3D--e1ba44dd0eeb4f15504e4c3eb4b5e4a00bb82fc2
Connection
keep-alive
Cache-Control
no-cache
Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Apr 2021 11:21:54 GMT
Last-Modified
Mon, 15 Mar 2021 05:10:46 GMT
Server
nginx/1.6.2
ETag
"604eec56-2e50"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11856
2_medium.jpg
enfermagemesaude.com.br/system/images/19942/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://enfermagemesaude.com.br/system/images/19942/2_medium.jpg?1615784873
Requested by
Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol
HTTP/1.1
Server
104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li799-48.members.linode.com
Software
nginx/1.6.2 /
Resource Hash
7c9cf5876c2d01a8764c2c7abf6f19f12918891e6562a44aa606b823ae1703f0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
enfermagemesaude.com.br
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://enfermagemesaude.com.br/
Cookie
_enfermeiros_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTY5MDMzMGE5ZjM3MjMwMzFlMTNkNTQzYjk1YjE4M2FmBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMUgvSTlWUW8yOXNVM2dsRmtwcmQranlxaDNhWUs5L09JcFdaVk5XZi90MEU9BjsARg%3D%3D--e1ba44dd0eeb4f15504e4c3eb4b5e4a00bb82fc2
Connection
keep-alive
Cache-Control
no-cache
Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Apr 2021 11:21:54 GMT
Last-Modified
Mon, 15 Mar 2021 05:07:53 GMT
Server
nginx/1.6.2
ETag
"604eeba9-27fc"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10236
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3df28cede092d9f3eb4ced65063bc126e298b7e03c1f587a3f42dadc6909dbfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 11:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48362
x-xss-protection
0
server
cafe
etag
11736008493392425597
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Apr 2021 11:21:54 GMT
application-b03045e9b70a9478bdbeb876220e05e0.js
enfermagemesaude.com.br/assets/ 		621 KB
226 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://enfermagemesaude.com.br/assets/application-b03045e9b70a9478bdbeb876220e05e0.js
Requested by
Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol
HTTP/1.1
Server
104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li799-48.members.linode.com
Software
nginx/1.6.2 /
Resource Hash
00075146c3bc44a32c3e2383d047eef32d91f7dd3f38de61019bee94f3b1b2b9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
enfermagemesaude.com.br
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://enfermagemesaude.com.br/
Cookie
_enfermeiros_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTY5MDMzMGE5ZjM3MjMwMzFlMTNkNTQzYjk1YjE4M2FmBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMUgvSTlWUW8yOXNVM2dsRmtwcmQranlxaDNhWUs5L09JcFdaVk5XZi90MEU9BjsARg%3D%3D--e1ba44dd0eeb4f15504e4c3eb4b5e4a00bb82fc2
Connection
keep-alive
Cache-Control
no-cache
Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Apr 2021 11:21:54 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Jan 2021 01:38:31 GMT
Server
nginx/1.6.2
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
gpt.js
www.googletagservices.com/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e992c52afe6a3f16d4ed88055cd2f7a9e58fabde106271c54f77abec87ec3550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Apr 2021 11:21:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"857 / 697 of 1000 / last-modified: 1619775531"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin
*
Content-Length
21199
X-XSS-Protection
0
Expires
Fri, 30 Apr 2021 11:21:54 GMT
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
1661
date
Fri, 30 Apr 2021 10:54:14 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Fri, 30 Apr 2021 12:54:14 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
bg_deg.png
enfermagemesaude.com.br/assets/ 		360 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://enfermagemesaude.com.br/assets/bg_deg.png
Requested by
Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/assets/application-9307a9f280fdce6074d8071ed72579c9.css
Protocol
HTTP/1.1
Server
104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li799-48.members.linode.com
Software
nginx/1.6.2 /
Resource Hash
c30202a1419fd6f73df4e1fd04a39ff97a70c1dc2f2e04cf1f122d453c6c83e3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
enfermagemesaude.com.br
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://enfermagemesaude.com.br/assets/application-9307a9f280fdce6074d8071ed72579c9.css
Cookie
_enfermeiros_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTY5MDMzMGE5ZjM3MjMwMzFlMTNkNTQzYjk1YjE4M2FmBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMUgvSTlWUW8yOXNVM2dsRmtwcmQranlxaDNhWUs5L09JcFdaVk5XZi90MEU9BjsARg%3D%3D--e1ba44dd0eeb4f15504e4c3eb4b5e4a00bb82fc2
Connection
keep-alive
Cache-Control
no-cache
Referer
http://enfermagemesaude.com.br/assets/application-9307a9f280fdce6074d8071ed72579c9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Apr 2021 11:21:54 GMT
Last-Modified
Sat, 30 Jan 2021 01:38:40 GMT
Server
nginx/1.6.2
ETag
"6014b8a0-168"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
360
social-icons.png
enfermagemesaude.com.br/assets/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://enfermagemesaude.com.br/assets/social-icons.png
Requested by
Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/assets/application-9307a9f280fdce6074d8071ed72579c9.css
Protocol
HTTP/1.1
Server
104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li799-48.members.linode.com
Software
nginx/1.6.2 /
Resource Hash
8e522f02f3b47b6f110d7e81a8d3b5f5879d2a37950fa279c30808cf51c6ba96

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
enfermagemesaude.com.br
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://enfermagemesaude.com.br/assets/application-9307a9f280fdce6074d8071ed72579c9.css
Cookie
_enfermeiros_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTY5MDMzMGE5ZjM3MjMwMzFlMTNkNTQzYjk1YjE4M2FmBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMUgvSTlWUW8yOXNVM2dsRmtwcmQranlxaDNhWUs5L09JcFdaVk5XZi90MEU9BjsARg%3D%3D--e1ba44dd0eeb4f15504e4c3eb4b5e4a00bb82fc2
Connection
keep-alive
Cache-Control
no-cache
Referer
http://enfermagemesaude.com.br/assets/application-9307a9f280fdce6074d8071ed72579c9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Apr 2021 11:21:54 GMT
Last-Modified
Sat, 30 Jan 2021 01:38:40 GMT
Server
nginx/1.6.2
ETag
"6014b8a0-630f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25359
fontawesome-webfont-b692b242d25f5bc7862d7c724c6da504.woff
enfermagemesaude.com.br/assets/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://enfermagemesaude.com.br/assets/fontawesome-webfont-b692b242d25f5bc7862d7c724c6da504.woff
Requested by
Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/assets/application-9307a9f280fdce6074d8071ed72579c9.css
Protocol
HTTP/1.1
Server
104.200.21.48 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li799-48.members.linode.com
Software
nginx/1.6.2 /
Resource Hash
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

Request headers

Pragma
no-cache
Origin
http://enfermagemesaude.com.br
Accept-Encoding
gzip, deflate
Host
enfermagemesaude.com.br
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://enfermagemesaude.com.br/assets/application-9307a9f280fdce6074d8071ed72579c9.css
Cookie
_enfermeiros_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTY5MDMzMGE5ZjM3MjMwMzFlMTNkNTQzYjk1YjE4M2FmBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMUgvSTlWUW8yOXNVM2dsRmtwcmQranlxaDNhWUs5L09JcFdaVk5XZi90MEU9BjsARg%3D%3D--e1ba44dd0eeb4f15504e4c3eb4b5e4a00bb82fc2
Connection
keep-alive
Cache-Control
no-cache
Origin
http://enfermagemesaude.com.br
Referer
http://enfermagemesaude.com.br/assets/application-9307a9f280fdce6074d8071ed72579c9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Apr 2021 11:21:54 GMT
Last-Modified
Sat, 30 Jan 2021 01:38:31 GMT
Server
nginx/1.6.2
ETag
"6014b897-aa34"
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43572
pubads_impl_2021042801.js
securepubads.g.doubleclick.net/gpt/ 		300 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 11:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 08:37:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108145
x-xss-protection
0
expires
Fri, 30 Apr 2021 11:21:55 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/ 		223 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3706322130769690&plah=enfermagemesaude.com.br&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09a0099bf7fefd4d080249360f6a41730158897b2c1613fe50eea9c5520eb9d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 11:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84347
x-xss-protection
0
server
cafe
etag
8033165652557143678
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 30 Apr 2021 11:21:55 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/ Frame EBF8 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210428/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://enfermagemesaude.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://enfermagemesaude.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 30 Apr 2021 01:17:06 GMT
expires
Fri, 14 May 2021 01:17:06 GMT
content-type
text/html; charset=UTF-8
etag
10446291943670460780
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4644
x-xss-protection
0
age
36289
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1398192691&utmhn=enfermagemesaude.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1398192691&utmhn=enfermagemesaude.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&ut...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2607526-6&cid=117077035.1619781715&jid=320189341&_v=5.7.2&z=1398192691
35 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2607526-6&cid=117077035.1619781715&jid=320189341&_v=5.7.2&z=1398192691
Requested by
Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 30 Apr 2021 11:21:55 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Apr 2021 11:21:55 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2607526-6&cid=117077035.1619781715&jid=320189341&_v=5.7.2&z=1398192691
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
368
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=enfermagemesaude.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Apr 2021 11:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=enfermagemesaude.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Apr 2021 11:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		82 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1940487215090454&correlator=36880758349795&output=ldjh&impl=fif&eid=31060784%2C31060939%2C21068030%2C31060735%2C31060839&vrg=2021042801&ptt=17&sc=0&sfv=1-0-38&ecs=20210430&iu_parts=1924533%2Chome_leaderboard_top_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=23&abxe=1&lmt=1619781715&dt=1619781715509&dlt=1619781714478&idt=944&frm=20&biw=1600&bih=1200&oid=3&adxs=-30&adys=200&adks=1222635766&ucis=1&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fenfermagemesaude.com.br%2F&vis=1&scr_x=0&scr_y=0&psz=1630x110&msz=1630x90&ga_vid=117077035.1619781715&ga_sid=1619781715&ga_hid=1504359299&ga_fc=true&fws=0&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
1a746ee0dd49d85cadc5a667b430a4ca529a4936a4ff82379bce7a6c7da0b199
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLn7k47tpfACFUw-4Aodz7MJ6A&gqi=&layout=/sadbundle/%24csp%253Der3%24/377536914903536029/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLn7k47tpfACFUw-4Aodz7MJ6A&gqi=&layout=/sadbundle/%24csp%253Der3%24/377536914903536029/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26502
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Fri, 30 Apr 2021 11:21:55 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://enfermagemesaude.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie.js
partner.googleadservices.com/gampad/ 		213 B
402 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=enfermagemesaude.com.br&callback=_gfp_s_&client=ca-pub-3706322130769690
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3706322130769690&plah=enfermagemesaude.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a5a8faf5f5404b951640c99cb82fd82b719b8546f861d02675c63175631c6db5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 11:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
200
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fenfermagemesaude.com.br%2F&tn=SPAN&id=talk&cls=talk&ign=false
Requested by
Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Apr 2021 11:21:55 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Content-Type
image/gif
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 345E 		54 B
57 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3706322130769690&output=html&adk=1812271804&adf=3025194257&lmt=1619781715&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fenfermagemesaude.com.br%2F&ea=0&flash=0&pra=5&wgl=1&dt=1619781715073&bpp=30&bdt=596&idt=484&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1951148552236&frm=20&pv=2&ga_vid=117077035.1619781715&ga_sid=1619781715&ga_hid=1504359299&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060839&oid=3&pvsid=1940487215090454&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=511
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3706322130769690&plah=enfermagemesaude.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3706322130769690&output=html&adk=1812271804&adf=3025194257&lmt=1619781715&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fenfermagemesaude.com.br%2F&ea=0&flash=0&pra=5&wgl=1&dt=1619781715073&bpp=30&bdt=596&idt=484&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1951148552236&frm=20&pv=2&ga_vid=117077035.1619781715&ga_sid=1619781715&ga_hid=1504359299&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060839&oid=3&pvsid=1940487215090454&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=511
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://enfermagemesaude.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://enfermagemesaude.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 30 Apr 2021 11:21:56 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
IDE=AHWqTUnFreSjc6Edy0D2g94ep_zG3eYzYLpPFkHp__IKAC6Jv5Xr3sBHGgJdF6W7wF8; expires=Wed, 25-May-2022 11:21:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 30 Apr 2021 11:21:56 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3706322130769690&plah=enfermagemesaude.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c76a6cc9369273b7e5f07285be49006b00775eefeefd725334e4235c4c29c9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 11:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619631702402874"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28201
x-xss-protection
0
expires
Fri, 30 Apr 2021 11:21:55 GMT
container.html
c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9CD6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://enfermagemesaude.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://enfermagemesaude.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 30 Apr 2021 11:21:56 GMT
expires
Sat, 30 Apr 2022 11:21:56 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/ Frame C572 		1 KB
592 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html
Requested by
Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
988be38bfa0ea8236c14745f92bb044e2611f17b795606a5cdaac420c96187da
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/377536914903536029/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
564
date
Thu, 29 Apr 2021 16:29:02 GMT
expires
Fri, 29 Apr 2022 16:29:02 GMT
last-modified
Tue, 19 Jan 2021 10:00:15 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
67974
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 9CD6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CD08RU-iLYPmFIsz8gAfP56bADs-wqbZh0_6dt4QNmJmCgoMiEAEgtZPXBWCRhJOF_BegAdSd0aMDyAEJqQKjrmbiSlG0PuACAKgDAcgDCKoE_QFP0DrgE4cFulX5aXMPT3Gw-z4S4cAMkU8UHiSiGLgfufmNy1G6Q7MhdUjr01UtPUJ5lNPKwGL8t4a_KyxKKnkFhSdFIaAP1ynT0XMpGI_AQALkNDSbGLiEhOyGaIA0EuZSnDuNbCTayuQu1GeP2ZYIjf6VRLxyglL5Po4nuWj9Zdggiqtkji6lY8W_SP7pPAAZ8tVf9PJ7CYmvMYs2oGAhXvrt0A8sbfDWz-RJmp7RVEiej6fJKpHviWUVZgp3vILPJ9BGsPgnvE9yiXdlASoKGxiGxwD_caUrF8JGBkLh17WYruepJYXoGmvMFcwxPWgyif_YKOnWpouXTTkZwASHsOncvwPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHlOKuXKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBC1vAPSCAkIgOGAUBABGB2ACgHICwHYEw2yFxoKGAgAEhRwdWItOTI2MDU4NDA5MjQ0MzcxNQ&sigh=hbvkqWl7qMs&template_id=419
Requested by
Host: enfermagemesaude.com.br
URL: http://enfermagemesaude.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 9CD6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js
Requested by
Host: c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com
URL: https://c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 11:19:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
882276978028997863
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 May 2021 11:19:14 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 9CD6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js
Requested by
Host: c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com
URL: https://c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 11:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 May 2021 11:20:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9CD6 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com
URL: https://c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 11:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619631691980669"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36080
x-xss-protection
0
expires
Fri, 30 Apr 2021 11:21:56 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 9CD6 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com
URL: https://c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 11:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 May 2021 11:21:25 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame C572 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 23:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42471
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 30 Apr 2021 23:34:05 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C572 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 23:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 30 Apr 2021 23:11:01 GMT
style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/ Frame C572 		835 B
434 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/style.css
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a89f9a7b6549d1c89080bb6fd3c8180dd2e4b218a6e72d4429027985e3bf52ac
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
108667
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
405
x-xss-protection
0
last-modified
Tue, 19 Jan 2021 10:00:15 GMT
server
sffe
date
Thu, 29 Apr 2021 05:10:49 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Apr 2022 05:10:49 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.0.0/ Frame C572 		81 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.0.0/jquery.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 07:40:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186116
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29195
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Apr 2022 07:40:00 GMT
tweenmax_1.20.4_3dc5474a75410cb768741e402b80d908_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame C572 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.4_3dc5474a75410cb768741e402b80d908_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 11:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38738
x-xss-protection
0
last-modified
Thu, 31 May 2018 15:49:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 11:21:56 GMT
animation.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/ Frame C572 		626 B
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/animation.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1e3bbf089fb747849714523d0d42d7fa6f5a0ff45a295430e47ba82e41fbcd8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
108667
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
355
x-xss-protection
0
last-modified
Tue, 19 Jan 2021 10:00:15 GMT
server
sffe
date
Thu, 29 Apr 2021 05:10:49 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Apr 2022 05:10:49 GMT
1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/ Frame C572 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/1.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f66f48a8ffd7cbfc8c1943081ae68a29c33c442fb42437f7da405d8d0a75d33
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
4191
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66962
x-xss-protection
0
last-modified
Tue, 19 Jan 2021 10:00:15 GMT
server
sffe
date
Fri, 30 Apr 2021 10:12:05 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Apr 2022 10:12:05 GMT
2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/ Frame C572 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/2.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bfeceee6f05b7b6aaa98bc638560e4c55533eff85ee8dff2e04bbdb4edc1d46
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
4191
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32016
x-xss-protection
0
last-modified
Tue, 19 Jan 2021 10:00:15 GMT
server
sffe
date
Fri, 30 Apr 2021 10:12:05 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Apr 2022 10:12:05 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5A48 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com
URL: https://c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnFreSjc6Edy0D2g94ep_zG3eYzYLpPFkHp__IKAC6Jv5Xr3sBHGgJdF6W7wF8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 30 Apr 2021 10:56:55 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1501
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 9CD6 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
266361f89c7c4b9a8bb19eaa112329d9dad4fce6b24225f50e949700568e97ee

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210428&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3706322130769690&plah=enfermagemesaude.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d709fca3c8608ffcde02045229601df99260161230c4aee7b609c296f7dcb327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Apr 2021 11:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7653
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5A48
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com
URL: https://c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnFreSjc6Edy0D2g94ep_zG3eYzYLpPFkHp__IKAC6Jv5Xr3sBHGgJdF6W7wF8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 30 Apr 2021 11:21:56 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 30-Apr-2021 12:21:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 30 Apr 2021 11:21:56 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 30 Apr 2021 11:21:56 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3706322130769690&plah=enfermagemesaude.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 11:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 30 Apr 2021 11:21:56 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame D954 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://enfermagemesaude.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://enfermagemesaude.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Fri, 30 Apr 2021 11:21:36 GMT
expires
Sat, 30 Apr 2022 11:21:36 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
20
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E26A 		783 B
529 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
be5acc10a6e1b930b2ef6078c3b010567052331709797850f8bbf1f1d6701ccf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KL4vigEnmZd3dmySrpeqSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://enfermagemesaude.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://enfermagemesaude.com.br/

Response headers

expires
Fri, 30 Apr 2021 11:21:56 GMT
date
Fri, 30 Apr 2021 11:21:56 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-KL4vigEnmZd3dmySrpeqSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
510
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame 9CD6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXMfkjKJtzVX3Uo0PTz4XSQfP1g-ty_gOsPgtgiPj4K1reBoqXxzzsVoB8sfAkwZZ-1IsINzthqWMhSYYXy_6LpybcjGvKWjgGy9ue4b5_Gpv0SckgI4qQYDaWXlNk8Ycx8D9pAEP42d1UukIKNd0LPg&sai=AMfl-YTMBqahGOWeaw67LtlSImC9WZeRpCITyTeUcILZgOhEUwen-vdpTfwdkcFlvJMwHw2lp0T7DJWed3nMUZrinoiVv5S1G5MKxomwK4DotY8GXvE422hy9d7N7UEy0co&sig=Cg0ArKJSzMHtt_8F-MtfEAE&cid=CAASPeRoBUKueJUrXOWKE4Jmrg0qSUfHK_TKbz-9BO9N0MWjALYSU8CRugbJzom-IRl5TjtNIqWabSWlcF76iEs&id=lidar2&mcvt=1001&p=200,421,290,1149&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210428&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1222635766&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619781716331&dlt=22&rpt=352&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Apr 2021 11:21:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js
pagead2.googlesyndication.com/bg/ Frame D954 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 07:45:37 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
12980
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5617
x-xss-protection
0
expires
Sat, 30 Apr 2022 07:45:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210428&jk=1940487215090454&bg=!cXKlcjbNAAZLnZBaS507ACkAdvg8Wt78EiBt_7dkE7ztqPssvkeUlD0umRDf71k3kUSntA1LyiEkoAIAAAFJUgAAABNoAQcKASzrWmzlXan7cxaEV-LZUR_B_EDChu4yWTfIeaiBd8wuZp7ATdqUU4y8QGlHRxPiojvUTZvuPQr03NnuBUY25YE2RcwHM5Now-fqv-dXPo86OUfD7VRZGoz9yUjR4FWZVGZ94Grj6WpDKSh8HL1DptfCG3GXPJI_tuRK4-MpiUvNoaKZ94rt34gvqe3tnoUeSqqG0--EwIRttiQVQ16VqfprzncA1KmdOnyXGNaA9NIyZYiSzYJq5bSVTfQ8HWa-sT03xFfiPa1Du-bNxYsdR6ar0Esdq38D5qvYijWcTynfscoI_YvOYgp6PXqxxE1pmPs92IskIyLCiYF0TOy-Bu0jD4DPDHQrx0ZsurSonF7K8_4c196WnKOPmkCUzvQn_aUKde_20eARYFzCwW2ZAk_fdAaIR5u-_1bB56GnAF-limSn2lmBx982bA-w9_PAqMPv_-A-oONfPNFI1fRRbSHOVqqeNU0AvsobMBS4k7ufKUysST4CxG7HnfL4J-wpfAlDHmm4YMrfB0MPaa5WtY4xc2zGc_S-MC9SzIapsNXKQWMSH_OAUMRtfStpztoXIc8NWc-LgW5_74sD4TFQdDeI_aKFNtVDF6gdrdhlzldfnKr4Wm-kBZx1NjfEyyiRIpX-U3JC2lqVx9aFK8YSN4dHnblBdvH9i7fOL3QENPHTpiNhF6V2GOlmocfFdwyfJPYfdPru2BWPs9ccWVp5UfttFitanWHrCfsMXHAYf2J55Cg091Vid-xfURoy3ibJE07ws2NcpDeI5eJkFK7XhrVc_51syh9f8yDuCN6WzhGmScZpndOm0NQ1Y0N-aT0Bblu3k7oDrhAsZXVVGuxOWdtk8PD00dVCJZUWdtJyfUp0h55Ocvs3FuP24SBaPNrtrS_vrwCIMVQPNdIIK5APyCRzTOGbpJN8AC3HM91anwy7hv0sTK1rBuEIHv-9LgVjFYtCz0Z4O-KT120PJfVlTjXJwFjfRwUQTd2piCcI5BtJlSCgF968NMRoMlDFTSgpJgkbD24HdMN9JI28NX7R5zTsknU8k83TykBiQHqEEhosBnSo9RTI_SEbjjRYVR6ZjDOb8CTV4v96tm_XFCbDCpdtSMk4-eF_NbRD-xFZI-B2AEv1Xr0UFVhnZ1sTFpGeihjmgXdv-yYnVNrtwneSAXKKSKzidVBbDljSN5CKMYA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://enfermagemesaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Apr 2021 11:21:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| googletag string| bb_bid string| bb_lang string| bb_name string| bb_limit string| bb_format object| _gaq object| ggeac object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map object| _gat object| gaGlobal function| $ function| jQuery object| jQuery1111024043783407801045 object| CKEDITOR object| Modernizr function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator boolean| _gfp_p_ object| google_image_requests object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms

9 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUnFreSjc6Edy0D2g94ep_zG3eYzYLpPFkHp__IKAC6Jv5Xr3sBHGgJdF6W7wF8
.enfermagemesaude.com.br/ Name: __gads
Value: ID=6005f001c04d9afd-226366cfb7a7004b:T=1619781715:RT=1619781715:S=ALNI_MYVNnzCQ1IO0X_5f510KkkIiOf-Yw
.doubleclick.net/ Name: DSID
Value: NO_DATA
.enfermagemesaude.com.br/ Name: __utmt
Value: 1
.enfermagemesaude.com.br/ Name: __utmz
Value: 102847188.1619781715.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.enfermagemesaude.com.br/ Name: __utmb
Value: 102847188.1.10.1619781715
.enfermagemesaude.com.br/ Name: __utmc
Value: 102847188
.enfermagemesaude.com.br/ Name: __utma
Value: 102847188.117077035.1619781715.1619781715.1619781715.1
enfermagemesaude.com.br/ Name: _enfermeiros_session
Value: BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTY5MDMzMGE5ZjM3MjMwMzFlMTNkNTQzYjk1YjE4M2FmBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMUgvSTlWUW8yOXNVM2dsRmtwcmQranlxaDNhWUs5L09JcFdaVk5XZi90MEU9BjsARg%3D%3D--e1ba44dd0eeb4f15504e4c3eb4b5e4a00bb82fc2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
c537fb0b7a26c2cff7a8f9cd8cd3a0b7.safeframe.googlesyndication.com
enfermagemesaude.com.br
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
104.200.21.48
142.250.185.98
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2006
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:400c:c09::9d
00075146c3bc44a32c3e2383d047eef32d91f7dd3f38de61019bee94f3b1b2b9
09a0099bf7fefd4d080249360f6a41730158897b2c1613fe50eea9c5520eb9d8
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
1a746ee0dd49d85cadc5a667b430a4ca529a4936a4ff82379bce7a6c7da0b199
1bfeceee6f05b7b6aaa98bc638560e4c55533eff85ee8dff2e04bbdb4edc1d46
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da
266361f89c7c4b9a8bb19eaa112329d9dad4fce6b24225f50e949700568e97ee
3df28cede092d9f3eb4ced65063bc126e298b7e03c1f587a3f42dadc6909dbfc
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
45b667386c04e0e6d8e79c27df8fdbe81df66ea059d95a2daf67ff9f6470f991
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
4982cf1123e9b77aba9430634c4e368f64eacfd861356abca96c496b8c6084b2
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061
57b0cd0a966a1b87dd8947da07acba8c410324ed5af457516f6c3cd8ebf06748
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6f66f48a8ffd7cbfc8c1943081ae68a29c33c442fb42437f7da405d8d0a75d33
727aaccb9eefa71e2a06db045ccdbefb5ecc1cbd031f15b467bada6651ebb4bb
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7c9cf5876c2d01a8764c2c7abf6f19f12918891e6562a44aa606b823ae1703f0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e522f02f3b47b6f110d7e81a8d3b5f5879d2a37950fa279c30808cf51c6ba96
984c2c88c38aefec7b699a03d5bc9fb5160b2b51b997ff5da44fffe29f2b0e16
988be38bfa0ea8236c14745f92bb044e2611f17b795606a5cdaac420c96187da
a1e3bbf089fb747849714523d0d42d7fa6f5a0ff45a295430e47ba82e41fbcd8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a8faf5f5404b951640c99cb82fd82b719b8546f861d02675c63175631c6db5
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a89f9a7b6549d1c89080bb6fd3c8180dd2e4b218a6e72d4429027985e3bf52ac
aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50
be5acc10a6e1b930b2ef6078c3b010567052331709797850f8bbf1f1d6701ccf
c30202a1419fd6f73df4e1fd04a39ff97a70c1dc2f2e04cf1f122d453c6c83e3
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c76a6cc9369273b7e5f07285be49006b00775eefeefd725334e4235c4c29c9cf
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d709fca3c8608ffcde02045229601df99260161230c4aee7b609c296f7dcb327
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e992c52afe6a3f16d4ed88055cd2f7a9e58fabde106271c54f77abec87ec3550
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629