urlscan.io logo urlscan.io
SecurityTrails logo

www.edocr.com Open in urlscan Pro
3.234.169.58  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Submission: On September 15 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 1 countries across 9 domains to perform 33 HTTP transactions. The main IP is 3.234.169.58, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.edocr.com.
TLS certificate: Issued by Amazon on April 28th 2021. Valid for: a year.
This is the only time www.edocr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 3.234.169.58 14618 (AMAZON-AES)
9 142.251.36.2 15169 (GOOGLE)
2 142.250.179.206 15169 (GOOGLE)
6 142.251.36.34 15169 (GOOGLE)
1 52.217.107.54 16509 (AMAZON-02)
1 142.250.179.130 15169 (GOOGLE)
1 142.250.179.194 15169 (GOOGLE)
2 172.217.168.225 15169 (GOOGLE)
1 142.250.102.99 15169 (GOOGLE)
33 10
10    3.234.169.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-169-58.compute-1.amazonaws.com
www.edocr.com
9    142.251.36.2 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s44-in-f2.1e100.net
pagead2.googlesyndication.com
partner.googleadservices.com
2    142.250.179.206 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s42-in-f14.1e100.net
www.google-analytics.com
6    142.251.36.34 (United States)

ASN15169 (GOOGLE, US)
PTR: ams17s12-in-f2.1e100.net
googleads.g.doubleclick.net
www.googletagservices.com
1    52.217.107.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    142.250.179.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams17s10-in-f2.1e100.net
adservice.google.de
1    142.250.179.194 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s42-in-f2.1e100.net
adservice.google.com
2    172.217.168.225 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s40-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.102.99 (United States)

ASN15169 (GOOGLE, US)
PTR: rb-in-f99.1e100.net
www.google.com
Domain Requested by
10 www.edocr.com www.edocr.com
8 pagead2.googlesyndication.com www.edocr.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com www.edocr.com
www.google-analytics.com
1 www.google.com tpc.googlesyndication.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 s3.amazonaws.com
33 11

This site contains no links.

Subject Issuer Validity Valid
edocr.com
Amazon		 2021-04-28 -
2022-05-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Frame ID: DC85F5FCCEFBFA7DD416A052DD61BE6A
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20190131/zrt_lookup.html
Frame ID: 3A9B9F48AADCFF549D9A66BAA38AE9CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=8628223775&adk=2306401753&adf=1981261236&pi=t.ma~as.8628223775&w=350&lmt=1631701288&psa=0&format=350x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fewv5z2wo%2Fjamesbrown723426%2Fboost-your-immune-system-with-roncuvita-panch-tuls&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631701288068&bpp=5&bdt=1225&idt=167&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=1273655864210&frm=20&pv=2&ga_vid=1615639.1631701287&ga_sid=1631701288&ga_hid=1098471010&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-975&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062491%2C31062297&oid=3&pvsid=275026157009128&pem=176&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=9QIaCm0Sdu&p=https%3A//www.edocr.com&dtd=186
Frame ID: FFA77F064198A4BE34DE6388FFD80B8B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=600&slotname=3952982610&adk=937441900&adf=3095482696&pi=t.ma~as.3952982610&w=120&lmt=1631701288&psa=0&format=120x600&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fewv5z2wo%2Fjamesbrown723426%2Fboost-your-immune-system-with-roncuvita-panch-tuls&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631701288073&bpp=1&bdt=1230&idt=194&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250&correlator=1273655864210&frm=20&pv=1&ga_vid=1615639.1631701287&ga_sid=1631701288&ga_hid=1098471010&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=25&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062491%2C31062297&oid=3&pvsid=275026157009128&pem=176&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0pJWT4Z28k&p=https%3A//www.edocr.com&dtd=198
Frame ID: EEDE7060D086857F2E81D2B4DA884E35
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=485626509&pi=t.ma~as.4103433139&w=300&lmt=1631701288&psa=0&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fewv5z2wo%2Fjamesbrown723426%2Fboost-your-immune-system-with-roncuvita-panch-tuls&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631701288074&bpp=1&bdt=1231&idt=199&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250%2C120x600&correlator=1273655864210&frm=20&pv=1&ga_vid=1615639.1631701287&ga_sid=1631701288&ga_hid=1098471010&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1270&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062491%2C31062297&oid=3&pvsid=275026157009128&pem=176&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PumpAw4Lk0&p=https%3A//www.edocr.com&dtd=202
Frame ID: 613CF1855546DF0890460F6BBD3AEE5F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&adk=1812271804&adf=3025194257&lmt=1631701288&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fewv5z2wo%2Fjamesbrown723426%2Fboost-your-immune-system-with-roncuvita-panch-tuls&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631701288123&bpp=1&bdt=1280&idt=156&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250%2C120x600%2C300x250&nras=1&correlator=1273655864210&frm=20&pv=1&ga_vid=1615639.1631701287&ga_sid=1631701288&ga_hid=1098471010&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062491%2C31062297&oid=3&pvsid=275026157009128&pem=176&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=163
Frame ID: 4230CA9A3B2113123131E980AFE7611C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 217FB6605F44DAEC2DD6E78FFE96E4EB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 46B4529D01E4BC88475F7B54674F5C05
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Boost your Immune system with Roncuvita panch tulsi drops | edocr

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

33
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

10
IPs

1
Countries

1014 kB
Transfer

3056 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request boost-your-immune-system-with-roncuvita-panch-tuls
www.edocr.com/v/ewv5z2wo/jamesbrown723426/ 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.169.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-169-58.compute-1.amazonaws.com
Software
/ Express
Resource Hash
2ed65935daf156b846a54163ce1c07e4c9d6933464cbce6d2e0a6930602a259b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Request headers

Host
www.edocr.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

build-number
2134
content-encoding
gzip
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Wed, 15 Sep 2021 10:21:26 GMT
etag
W/"199c-7HaY83XCAOeoQBBf/omdHuR1MD8"
vary
Accept-Encoding
X-Content-Type-Options
nosniff
x-powered-by
Express
Content-Length
2159
Connection
keep-alive
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.36.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s44-in-f2.1e100.net
Software
cafe /
Resource Hash
f8cf69dc84013289af1e855e80a0813e7d41cef8d7d618a6f356b16d978be74b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 10:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48956
x-xss-protection
0
server
cafe
etag
14613007625797476942
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 10:21:26 GMT
main.00f291007fc7948c83c0.css
www.edocr.com/v/static/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/v/static/main.00f291007fc7948c83c0.css
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.169.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-169-58.compute-1.amazonaws.com
Software
/ Express
Resource Hash
65e4e63638e9c69fe634cc25b595b20afe3e704f5eb8adf36a551e3c23a12ecf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.edocr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
X-Content-Type-Options
nosniff
last-modified
Mon, 13 Sep 2021 21:41:45 GMT
x-powered-by
Express
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
date
Wed, 15 Sep 2021 10:21:26 GMT
Connection
keep-alive
accept-ranges
bytes
transfer-encoding
chunked
etag
W/"814-17be11bdda8"
build-number
2134
bundle.js
www.edocr.com/v/static/ 		2 MB
559 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/v/static/bundle.js
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.169.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-169-58.compute-1.amazonaws.com
Software
/ Express
Resource Hash
ce71794a73bbf003e982b1830d9b96342a333ab7734efc3d78751f98160aa0db
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.edocr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
X-Content-Type-Options
nosniff
last-modified
Mon, 13 Sep 2021 22:51:28 GMT
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
date
Wed, 15 Sep 2021 10:21:27 GMT
Connection
keep-alive
accept-ranges
bytes
transfer-encoding
chunked
etag
W/"201a35-17be15bb53c"
build-number
2134
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s42-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1862
date
Wed, 15 Sep 2021 09:50:24 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 15 Sep 2021 11:50:24 GMT
collect
www.google-analytics.com/j/ 		2 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1098471010&t=pageview&_s=1&dl=https%3A%2F%2Fwww.edocr.com%2Fv%2Fewv5z2wo%2Fjamesbrown723426%2Fboost-your-immune-system-with-roncuvita-panch-tuls&ul=en-us&de=UTF-8&dt=Boost%20your%20Immune%20system%20with%20Roncuvita%20panch%20tulsi%20drops%20%7C%20edocr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2072324229&gjid=481459532&cid=1615639.1631701287&tid=UA-160144-46&_gid=1882990989.1631701287&_r=1&_slc=1&z=1161591683
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s42-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.edocr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 10:21:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.edocr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210913/r20190131/ Frame 3A9B 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210913/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.36.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s12-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210913/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.edocr.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 14 Sep 2021 17:18:12 GMT
expires
Tue, 28 Sep 2021 17:18:12 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
61395
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ewv5z2wo
www.edocr.com/api-user/viewingSession/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/api-user/viewingSession/ewv5z2wo?isEmbed=false
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.169.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-169-58.compute-1.amazonaws.com
Software
/ Express
Resource Hash
f2f3f2fae191644882b712642d3e7a00f0627a488a6616c7dcd6a1dfe3b189b8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.edocr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Cookie
_ga=GA1.2.1615639.1631701287; _gid=GA1.2.1882990989.1631701287; _gat=1
Connection
keep-alive
Accept
application/json, text/plain, */*
Referer
https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
X-Content-Type-Options
nosniff
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
date
Wed, 15 Sep 2021 10:21:27 GMT
Connection
keep-alive
transfer-encoding
chunked
etag
W/"a80-ySW1v1ip4gGu0n1qk81hwIRpBkc"
build-number
2134
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/ 		251 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s44-in-f2.1e100.net
Software
cafe /
Resource Hash
6a31f5e2ef9d66ae390fc16ca76b56aeb76c06b43e1e6b34979f27f9a25d330c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 10:21:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94975
x-xss-protection
0
server
cafe
etag
8056399442672506072
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 10:21:28 GMT
26rdyka2.jpeg
s3.amazonaws.com/storage.prizmshare.com/8F7E6933-2E52-4F62-BDE6-7AFD0AEA2428/ewv5z2wo/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/storage.prizmshare.com/8F7E6933-2E52-4F62-BDE6-7AFD0AEA2428/ewv5z2wo/26rdyka2.jpeg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.107.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
46768c2bc6e9ea40e6ffed5f8d47e862030d3f567423ff69327a31b02c4397fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 10:21:29 GMT
Last-Modified
Wed, 15 Sep 2021 10:21:03 GMT
Server
AmazonS3
x-amz-request-id
69TGAQPDGD55SNZ9
ETag
"743db8dfcda31b0326435e2c87ddb329"
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
76337
x-amz-id-2
cISUsn6DRjCWntyQtFvQLADgfHhscV3UTWccCWEoN3I050SL0lCSlA65n3g0UShDGoOOMGMbmWo=
restrictions
www.edocr.com/pas/v2/ViewingSessions/7lKMCUVX1XYcZfAtGHsjxA/ 		226 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/v2/ViewingSessions/7lKMCUVX1XYcZfAtGHsjxA/restrictions
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.169.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-169-58.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
b1ba9fa4ad8fdf667f000a62ef0aebcd3b169d9e70a0e7079072471016139c68
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Accusoft-Parent-Pid
0
Accusoft-Parent-Name
ViewerControl
Sec-Fetch-Dest
empty
Cookie
_ga=GA1.2.1615639.1631701287; _gid=GA1.2.1882990989.1631701287; _gat=1
Connection
keep-alive
Accusoft-Gid
EpGntdKmrvTj86vxECkxaQ
Pragma
no-cache
Host
www.edocr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json
Accept
*/*
Cache-Control
no-cache
Referer
https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Sec-Fetch-Site
same-origin
Accusoft-Parent-Taskid
0
Accusoft-Gid
EpGntdKmrvTj86vxECkxaQ
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json
Accusoft-Parent-Name
ViewerControl
Referer
https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Accusoft-Parent-Pid
0
Accusoft-Parent-Taskid
0

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
X-Content-Type-Options
nosniff
server
nginx
access-control-allow-headers
*
x-powered-by
Express
transfer-encoding
chunked
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
date
Wed, 15 Sep 2021 10:21:28 GMT
Connection
keep-alive
access-control-allow-credentials
true
vary
Accept-Encoding
build-number
2134
0
www.edocr.com/pas/Page/q/ 		102 KB
70 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/Page/q/0?DocumentID=u7lKMCUVX1XYcZfAtGHsjxA&Scale=1&ContentType=svgb
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.169.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-169-58.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
7a82d9b195089e310f66522a266658d3596daf0938160b47df9cec0b35343b1e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Accusoft-Parent-Pid
0
Accusoft-Parent-Name
ViewerControl
Sec-Fetch-Dest
empty
Cookie
_ga=GA1.2.1615639.1631701287; _gid=GA1.2.1882990989.1631701287; _gat=1
Connection
keep-alive
Accusoft-Gid
GX2lFjBLNoytv4gDZ4CyZQ
Pragma
no-cache
Host
www.edocr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Sec-Fetch-Site
same-origin
Accusoft-Parent-Taskid
0
Accusoft-Parent-Name
ViewerControl
Referer
https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Accusoft-Gid
GX2lFjBLNoytv4gDZ4CyZQ
Accept-Language
de-DE,de;q=0.9
Accusoft-Parent-Pid
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accusoft-Parent-Taskid
0

Response headers

date
Wed, 15 Sep 2021 10:21:28 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
x-powered-by
Express
transfer-encoding
chunked
Connection
keep-alive
accusoft-data-encrypted
false
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'none'
access-control-allow-headers
*
build-number
2134
truncated
/ 		1 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8657baaa6b95a17c934001c3338f3cdff05bf8ce67ffe25c3b7ab53cd580241

Request headers

Referer
Origin
https://www.edocr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
cookie.js
partner.googleadservices.com/gampad/ 		199 B
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.edocr.com&callback=_gfp_s_&client=ca-pub-6933461940627641
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.36.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s44-in-f2.1e100.net
Software
cafe /
Resource Hash
b5db94192b968af443e8ab3b3eb02a4c11b27e66750f666824c6ee7cb04d8028
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 10:21:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
189
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.edocr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s10-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 10:21:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.edocr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s42-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 10:21:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FFA7 		436 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=8628223775&adk=2306401753&adf=1981261236&pi=t.ma~as.8628223775&w=350&lmt=1631701288&psa=0&format=350x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fewv5z2wo%2Fjamesbrown723426%2Fboost-your-immune-system-with-roncuvita-panch-tuls&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631701288068&bpp=5&bdt=1225&idt=167&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=1273655864210&frm=20&pv=2&ga_vid=1615639.1631701287&ga_sid=1631701288&ga_hid=1098471010&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-975&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062491%2C31062297&oid=3&pvsid=275026157009128&pem=176&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=9QIaCm0Sdu&p=https%3A//www.edocr.com&dtd=186
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s12-in-f2.1e100.net
Software
cafe /
Resource Hash
af4cd0fb663cf89405e77b33e4448d04589a7037830557077f6fadd65efcf9c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=8628223775&adk=2306401753&adf=1981261236&pi=t.ma~as.8628223775&w=350&lmt=1631701288&psa=0&format=350x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fewv5z2wo%2Fjamesbrown723426%2Fboost-your-immune-system-with-roncuvita-panch-tuls&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631701288068&bpp=5&bdt=1225&idt=167&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=1273655864210&frm=20&pv=2&ga_vid=1615639.1631701287&ga_sid=1631701288&ga_hid=1098471010&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-975&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062491%2C31062297&oid=3&pvsid=275026157009128&pem=176&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=9QIaCm0Sdu&p=https%3A//www.edocr.com&dtd=186
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.edocr.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 15 Sep 2021 10:21:28 GMT
server
cafe
content-length
212
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 15-Sep-2021 10:36:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 15 Sep 2021 10:21:28 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210913&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s44-in-f2.1e100.net
Software
cafe /
Resource Hash
d391b1314d46e6d04cc6b59c73e56d3fd0d0116050ba0b2a3d467bfacf8cbbdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 10:21:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8483
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.36.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s12-in-f2.1e100.net
Software
sffe /
Resource Hash
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 10:21:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
server
sffe
etag
"1631547519045135"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 15 Sep 2021 10:21:28 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame EEDE 		436 B
233 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=600&slotname=3952982610&adk=937441900&adf=3095482696&pi=t.ma~as.3952982610&w=120&lmt=1631701288&psa=0&format=120x600&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fewv5z2wo%2Fjamesbrown723426%2Fboost-your-immune-system-with-roncuvita-panch-tuls&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631701288073&bpp=1&bdt=1230&idt=194&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250&correlator=1273655864210&frm=20&pv=1&ga_vid=1615639.1631701287&ga_sid=1631701288&ga_hid=1098471010&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=25&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062491%2C31062297&oid=3&pvsid=275026157009128&pem=176&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0pJWT4Z28k&p=https%3A//www.edocr.com&dtd=198
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s12-in-f2.1e100.net
Software
cafe /
Resource Hash
d0667a07e3436858d76324a7ad9f35586df28cea5b6ea7dc2a599cc3d7e5bc3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6933461940627641&output=html&h=600&slotname=3952982610&adk=937441900&adf=3095482696&pi=t.ma~as.3952982610&w=120&lmt=1631701288&psa=0&format=120x600&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fewv5z2wo%2Fjamesbrown723426%2Fboost-your-immune-system-with-roncuvita-panch-tuls&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631701288073&bpp=1&bdt=1230&idt=194&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250&correlator=1273655864210&frm=20&pv=1&ga_vid=1615639.1631701287&ga_sid=1631701288&ga_hid=1098471010&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=25&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062491%2C31062297&oid=3&pvsid=275026157009128&pem=176&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0pJWT4Z28k&p=https%3A//www.edocr.com&dtd=198
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.edocr.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 15 Sep 2021 10:21:28 GMT
server
cafe
content-length
210
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 15-Sep-2021 10:36:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 15 Sep 2021 10:21:28 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 613C 		436 B
233 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=485626509&pi=t.ma~as.4103433139&w=300&lmt=1631701288&psa=0&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fewv5z2wo%2Fjamesbrown723426%2Fboost-your-immune-system-with-roncuvita-panch-tuls&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631701288074&bpp=1&bdt=1231&idt=199&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250%2C120x600&correlator=1273655864210&frm=20&pv=1&ga_vid=1615639.1631701287&ga_sid=1631701288&ga_hid=1098471010&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1270&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062491%2C31062297&oid=3&pvsid=275026157009128&pem=176&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PumpAw4Lk0&p=https%3A//www.edocr.com&dtd=202
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f0c35c1eb5e871f048df77cdc78f77ecf8a933710dade4d3c7ff055fa0e6bc34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=485626509&pi=t.ma~as.4103433139&w=300&lmt=1631701288&psa=0&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fewv5z2wo%2Fjamesbrown723426%2Fboost-your-immune-system-with-roncuvita-panch-tuls&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631701288074&bpp=1&bdt=1231&idt=199&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250%2C120x600&correlator=1273655864210&frm=20&pv=1&ga_vid=1615639.1631701287&ga_sid=1631701288&ga_hid=1098471010&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1270&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062491%2C31062297&oid=3&pvsid=275026157009128&pem=176&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PumpAw4Lk0&p=https%3A//www.edocr.com&dtd=202
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.edocr.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 15 Sep 2021 10:21:28 GMT
server
cafe
content-length
210
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 15-Sep-2021 10:36:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 15 Sep 2021 10:21:28 GMT
cache-control
private
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fewv5z2wo%2Fjamesbrown723426%2Fboost-your-immune-system-with-roncuvita-panch-tuls&tn=DIV&cls=overlay&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s44-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 10:21:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fewv5z2wo%2Fjamesbrown723426%2Fboost-your-immune-system-with-roncuvita-panch-tuls&tn=HEADER&cls=MuiPaper-root%20MuiAppBar-root%20MuiAppBar-positionFixed%20MuiAppBar-colorPrimary%20jss2%20mui-fixed%20MuiPaper-elevation4&ign=false&pw=1600&ph=1200&x=0&y=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s44-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 10:21:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4230 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&adk=1812271804&adf=3025194257&lmt=1631701288&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fewv5z2wo%2Fjamesbrown723426%2Fboost-your-immune-system-with-roncuvita-panch-tuls&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631701288123&bpp=1&bdt=1280&idt=156&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250%2C120x600%2C300x250&nras=1&correlator=1273655864210&frm=20&pv=1&ga_vid=1615639.1631701287&ga_sid=1631701288&ga_hid=1098471010&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062491%2C31062297&oid=3&pvsid=275026157009128&pem=176&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=163
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6933461940627641&output=html&adk=1812271804&adf=3025194257&lmt=1631701288&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fewv5z2wo%2Fjamesbrown723426%2Fboost-your-immune-system-with-roncuvita-panch-tuls&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631701288123&bpp=1&bdt=1280&idt=156&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250%2C120x600%2C300x250&nras=1&correlator=1273655864210&frm=20&pv=1&ga_vid=1615639.1631701287&ga_sid=1631701288&ga_hid=1098471010&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062491%2C31062297&oid=3&pvsid=275026157009128&pem=176&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=163
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.edocr.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 15 Sep 2021 10:21:28 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 15-Sep-2021 10:36:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 15 Sep 2021 10:21:28 GMT
cache-control
private
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.168.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s40-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 10:21:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 15 Sep 2021 10:21:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 217F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.168.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s40-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.edocr.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 15 Sep 2021 09:31:21 GMT
expires
Thu, 15 Sep 2022 09:31:21 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3007
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 46B4 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f99.1e100.net
Software
GSE /
Resource Hash
cbf44b1ca8b45873ee2de3bb4bc8744a986d2f5ed2526059a4c41ca6de7c3fa3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-+yQcTbJAM+rQBQVO6Y1x2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.edocr.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 15 Sep 2021 10:21:28 GMT
date
Wed, 15 Sep 2021 10:21:28 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-+yQcTbJAM+rQBQVO6Y1x2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
pagead2.googlesyndication.com/bg/ Frame 217F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s44-in-f2.1e100.net
Software
sffe /
Resource Hash
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 00:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
207437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13196
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Sep 2022 00:44:11 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 46B4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210913&jk=275026157009128&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s44-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
truncated
/ 		47 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a0ee3a91cf302755db014201173c67d5a73d0cb860a7a65619e4ba886b3419d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4833d8fc61d47df7c9363cb5b2e34e5c90c5d9813ea1bcf6024d90e307694312

Request headers

Referer
Origin
https://www.edocr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
Attributes
www.edocr.com/pas/Document/q/ 		41 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/Document/q/Attributes?DocumentID=u7lKMCUVX1XYcZfAtGHsjxA&DesiredPageCountConfidence=50
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.169.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-169-58.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
e6d3c35d004dc673dcfde2897afabd8910dc3d8d64fd056913316f23885983d8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Accusoft-Parent-Pid
0
Accusoft-Parent-Name
ViewerControl
Sec-Fetch-Dest
empty
Cookie
_ga=GA1.2.1615639.1631701287; _gid=GA1.2.1882990989.1631701287; _gat=1; __gads=ID=7b2c977b76990a00-2289512e25cb0023:T=1631701288:RT=1631701288:S=ALNI_MY9-FMngrUQGB6ZTA-l1AYTNMeOpA
Connection
keep-alive
Accusoft-Gid
RJY003m91REjBmbqJ4Qscw
Pragma
no-cache
Host
www.edocr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json
Accept
*/*
Cache-Control
no-cache
Referer
https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Sec-Fetch-Site
same-origin
Accusoft-Parent-Taskid
0
Accusoft-Gid
RJY003m91REjBmbqJ4Qscw
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json
Accusoft-Parent-Name
ViewerControl
Referer
https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Accusoft-Parent-Pid
0
Accusoft-Parent-Taskid
0

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
X-Content-Type-Options
nosniff
server
nginx
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
date
Wed, 15 Sep 2021 10:21:28 GMT
Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-headers
*
Content-Length
59
build-number
2134
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210913&jk=275026157009128&bg=!vr2lvfnNAAYT0U73E9E7ACkAdvg8WmKUxaHPArDwdW0cb_i4K4b1c1sR22MjCnv8FzyTaCTt9pfO1AIAAAC7UgAAAAxoAQeZAn54AGbhHRgW6MZsDvMZLJLmnlcculcviIL9s9hCPj7o4P3lSeQnrRpCX_YLmG_a4GgurAJZTTif6aKzWddLyqBL9yJnvJxh4v53MJ3d3Nh5wzH4dyF00X-JEfiUtr7Oa76PV5iYiGcwYi3HINhVjp719qZvS35xFh05gb0P7Ov_V1338lwsysPgUJXQjCdMXjRuqZQeZEQmIKiz3zozEoxdz9BIRnllaFWrRoPltgxFm9m9znHEbbnbiqkmG7l4X89ny-IFu9dOVqrSIiQjpWeYe0dWd4B9DxCh1qS-ePcprEkldPur5coSjqC849wTozuNvO-puX_vfzaIWzLXdMjDAV79KRyIXRJo9GloFqc48uOsoP-Ti7xIsT9kTqe5iBNGHJ4a6sC8SMVQTm1KeaGTiBD94FvSYE0yiFh7raf_I74q5aLxdQAzhLZ8JKnq8N-dLbfjjMTBaz6dN7GjJnOpRv__Ne-gB1U2NKOM53KJHbUlG3zc_UULDNhQ-sUgedQVbr8N-C10vtfSJB6XPo5XHpQd9KY_vhqpjwHJGyCsSxHanFt-hRlYLFwNKo7RGW0LtEh9H1cJbMIAF_Oq4JY0REuHNnfe7VDmrdKphauX-PvcHiDwTpGjI0o5Ir1csbW_-cpoeJyAqcEmUn7CO_fq0uPwvtfqBKoV1MhTSha3Gni9m6KP43OxZL7wXDu97cIYKU6Db0mD7fGxDSihuzTdS-wtbsWPJbi1yVuq6mlfQbjSuj1MxvQMi6bGNIURTzuJjpmis3cKzWv91ndwPHQh0Gn-yY6qhu0QA0SkM04ZYKIg8Nvg9yCgu3KTP9-dqwm9kbW3eNG3RrLaHhpsQw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s44-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 10:21:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
www.edocr.com/pas/Page/q/ 		47 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/Page/q/1?DocumentID=u7lKMCUVX1XYcZfAtGHsjxA&Scale=1&ContentType=svgb
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.169.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-169-58.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
4eb2676ec6d4fac1a6516ad6ebfc7e4cc46609a653e44e8a2c09b1fd8625b287
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Accusoft-Parent-Pid
0
Accusoft-Parent-Name
ViewerControl
Sec-Fetch-Dest
empty
Cookie
_ga=GA1.2.1615639.1631701287; _gid=GA1.2.1882990989.1631701287; _gat=1; __gads=ID=7b2c977b76990a00-2289512e25cb0023:T=1631701288:RT=1631701288:S=ALNI_MY9-FMngrUQGB6ZTA-l1AYTNMeOpA
Connection
keep-alive
Accusoft-Gid
jggKEndHaGa5HO9ELststw
Pragma
no-cache
Host
www.edocr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Sec-Fetch-Site
same-origin
Accusoft-Parent-Taskid
0
Accusoft-Parent-Name
ViewerControl
Referer
https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Accusoft-Gid
jggKEndHaGa5HO9ELststw
Accept-Language
de-DE,de;q=0.9
Accusoft-Parent-Pid
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accusoft-Parent-Taskid
0

Response headers

date
Wed, 15 Sep 2021 10:21:29 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
x-powered-by
Express
transfer-encoding
chunked
Connection
keep-alive
accusoft-data-encrypted
false
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'none'
access-control-allow-headers
*
build-number
2134
Text
www.edocr.com/pas/Document/q/0-0/ 		58 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/Document/q/0-0/Text?DocumentID=u7lKMCUVX1XYcZfAtGHsjxA
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.169.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-169-58.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
6f8532acea25e9534362b81438c016bbd4dde029d76b4db74e87b2cc25b44dd4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Accusoft-Parent-Pid
0
Accusoft-Parent-Name
ViewerControl
Sec-Fetch-Dest
empty
Cookie
_ga=GA1.2.1615639.1631701287; _gid=GA1.2.1882990989.1631701287; _gat=1; __gads=ID=7b2c977b76990a00-2289512e25cb0023:T=1631701288:RT=1631701288:S=ALNI_MY9-FMngrUQGB6ZTA-l1AYTNMeOpA
Connection
keep-alive
Accusoft-Gid
WQoOyNpm1uY7x5KUV3kSCQ
Pragma
no-cache
Host
www.edocr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
application/json
Cache-Control
no-cache
Referer
https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Sec-Fetch-Site
same-origin
Accusoft-Parent-Taskid
0
Accusoft-Parent-Name
ViewerControl
Accusoft-Gid
WQoOyNpm1uY7x5KUV3kSCQ
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
application/json
Referer
https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Accusoft-Parent-Pid
0
Accusoft-Parent-Taskid
0

Response headers

date
Wed, 15 Sep 2021 10:21:29 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
x-powered-by
Express
transfer-encoding
chunked
Connection
keep-alive
accusoft-data-encrypted
false
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'none'
access-control-allow-headers
*
build-number
2134
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c39b8da49b4b191f00365068d8401cc38c6747b58dbb1a7f5aab9601504e201f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
Text
www.edocr.com/pas/Document/q/1-1/ 		46 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/Document/q/1-1/Text?DocumentID=u7lKMCUVX1XYcZfAtGHsjxA
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.169.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-169-58.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
123c1caf4f47af4195dfc853d1c54fd47db8bd7a486a39b7c2f531be200af69f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Accusoft-Parent-Pid
0
Accusoft-Parent-Name
ViewerControl
Sec-Fetch-Dest
empty
Cookie
_ga=GA1.2.1615639.1631701287; _gid=GA1.2.1882990989.1631701287; _gat=1; __gads=ID=7b2c977b76990a00-2289512e25cb0023:T=1631701288:RT=1631701288:S=ALNI_MY9-FMngrUQGB6ZTA-l1AYTNMeOpA
Connection
keep-alive
Accusoft-Gid
MMJkXkFpkEcYVIhi3QhV2A
Pragma
no-cache
Host
www.edocr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
application/json
Cache-Control
no-cache
Referer
https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Sec-Fetch-Site
same-origin
Accusoft-Parent-Taskid
0
Accusoft-Parent-Name
ViewerControl
Accusoft-Gid
MMJkXkFpkEcYVIhi3QhV2A
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
application/json
Referer
https://www.edocr.com/v/ewv5z2wo/jamesbrown723426/boost-your-immune-system-with-roncuvita-panch-tuls
Accusoft-Parent-Pid
0
Accusoft-Parent-Taskid
0

Response headers

date
Wed, 15 Sep 2021 10:21:30 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
x-powered-by
Express
transfer-encoding
chunked
Connection
keep-alive
accusoft-data-encrypted
false
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'none'
access-control-allow-headers
*
build-number
2134

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect boolean| originAgentCluster string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint function| setImmediate function| clearImmediate object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb object| IPCC object| PCCViewer function| setDetailsPaneVisible object| vc object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| documentInfo object| google_persistent_state_async function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_image_requests function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms boolean| viewerReady boolean| pageFitted boolean| initialScroll

5 Cookies

Domain/Path Name / Value
.edocr.com/ Name: _ga
Value: GA1.2.1615639.1631701287
.edocr.com/ Name: _gid
Value: GA1.2.1882990989.1631701287
.edocr.com/ Name: _gat
Value: 1
.edocr.com/ Name: __gads
Value: ID=7b2c977b76990a00-2289512e25cb0023:T=1631701288:RT=1631701288:S=ALNI_MY9-FMngrUQGB6ZTA-l1AYTNMeOpA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s3.amazonaws.com
tpc.googlesyndication.com
www.edocr.com
www.google-analytics.com
www.google.com
www.googletagservices.com
142.250.102.99
142.250.179.130
142.250.179.194
142.250.179.206
142.251.36.2
142.251.36.34
172.217.168.225
3.234.169.58
52.217.107.54
123c1caf4f47af4195dfc853d1c54fd47db8bd7a486a39b7c2f531be200af69f
2ed65935daf156b846a54163ce1c07e4c9d6933464cbce6d2e0a6930602a259b
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
46768c2bc6e9ea40e6ffed5f8d47e862030d3f567423ff69327a31b02c4397fc
4833d8fc61d47df7c9363cb5b2e34e5c90c5d9813ea1bcf6024d90e307694312
4eb2676ec6d4fac1a6516ad6ebfc7e4cc46609a653e44e8a2c09b1fd8625b287
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
65e4e63638e9c69fe634cc25b595b20afe3e704f5eb8adf36a551e3c23a12ecf
6a0ee3a91cf302755db014201173c67d5a73d0cb860a7a65619e4ba886b3419d
6a31f5e2ef9d66ae390fc16ca76b56aeb76c06b43e1e6b34979f27f9a25d330c
6f8532acea25e9534362b81438c016bbd4dde029d76b4db74e87b2cc25b44dd4
7a82d9b195089e310f66522a266658d3596daf0938160b47df9cec0b35343b1e
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
af4cd0fb663cf89405e77b33e4448d04589a7037830557077f6fadd65efcf9c0
b1ba9fa4ad8fdf667f000a62ef0aebcd3b169d9e70a0e7079072471016139c68
b5db94192b968af443e8ab3b3eb02a4c11b27e66750f666824c6ee7cb04d8028
b8657baaa6b95a17c934001c3338f3cdff05bf8ce67ffe25c3b7ab53cd580241
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c39b8da49b4b191f00365068d8401cc38c6747b58dbb1a7f5aab9601504e201f
cbf44b1ca8b45873ee2de3bb4bc8744a986d2f5ed2526059a4c41ca6de7c3fa3
ce71794a73bbf003e982b1830d9b96342a333ab7734efc3d78751f98160aa0db
d0667a07e3436858d76324a7ad9f35586df28cea5b6ea7dc2a599cc3d7e5bc3b
d391b1314d46e6d04cc6b59c73e56d3fd0d0116050ba0b2a3d467bfacf8cbbdd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d3c35d004dc673dcfde2897afabd8910dc3d8d64fd056913316f23885983d8
f0c35c1eb5e871f048df77cdc78f77ecf8a933710dade4d3c7ff055fa0e6bc34
f2f3f2fae191644882b712642d3e7a00f0627a488a6616c7dcd6a1dfe3b189b8
f8cf69dc84013289af1e855e80a0813e7d41cef8d7d618a6f356b16d978be74b
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62