urlscan.io logo urlscan.io
SecurityTrails logo

www.paymydoctor.online Open in urlscan Pro
2606:4700:3034::ac43:dd2d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://paymydoctor.online/
Effective URL: https://www.paymydoctor.online/
Submission Tags: phishing scam Search All
Submission: On December 11 via api from ZA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 33 HTTP transactions. The main IP is 2606:4700:3034::ac43:dd2d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.paymydoctor.online.
TLS certificate: Issued by GTS CA 1P5 on October 15th 2023. Valid for: 3 months.
This is the only time www.paymydoctor.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 18 2606:4700:303... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
3 192.243.59.13 39572 (ADVANCEDH...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
33 7
1    2606:4700:3032::6815:237c (United States)

ASN13335 (CLOUDFLARENET, US)
paymydoctor.online
18    2606:4700:3034::ac43:dd2d (United States)

ASN13335 (CLOUDFLARENET, US)
paymydoctor.online
www.paymydoctor.online
6    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
boilerefforlessefforlessregistered.com
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
19 paymydoctor.online
paymydoctor.online
www.paymydoctor.online
242 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
224 KB
3 boilerefforlessefforlessregistered.com
boilerefforlessefforlessregistered.com
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
5 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
33 5
Domain Requested by
17 www.paymydoctor.online www.paymydoctor.online
6 pagead2.googlesyndication.com www.paymydoctor.online
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 boilerefforlessefforlessregistered.com www.paymydoctor.online
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 paymydoctor.online 2 redirects
1 www.google.com tpc.googlesyndication.com
33 7

This site contains links to these domains. Also see Links.

Domain
www.paymydoctor.com
Subject Issuer Validity Valid
paymydoctor.online
GTS CA 1P5		 2023-10-15 -
2024-01-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
boilerefforlessefforlessregistered.com
R3		 2023-11-14 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.paymydoctor.online/
Frame ID: 6D04DBDAD07F09B2DB76B095FABDF9BF
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: 0320C0D7B7B3E87B0347D0BB771B8D3C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5782915366189302&output=html&adk=1812271804&adf=3025194257&lmt=1702290540&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fwww.paymydoctor.online%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702293531280&bpp=3&bdt=220&idt=234&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2993811579095&frm=20&pv=2&ga_vid=446911433.1702293532&ga_sid=1702293532&ga_hid=1230871550&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079864%2C44795922%2C31080037%2C44800659%2C95320885&oid=2&pvsid=3782773436899597&tmod=119913877&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=248
Frame ID: D601EBBB95844A8A0974B2C7FE015ADF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1B94219FE37B8346E35628FAE28765C2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 37B471756399486952F1D7C3AD5367EA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PayMyDoctor - Pay Medical Bill Online at PayMyDoctor.com

Page URL History Show full URLs

  1. http://paymydoctor.online/ HTTP 301
    https://paymydoctor.online/ HTTP 301
    https://www.paymydoctor.online/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

33
Requests

97 %
HTTPS

86 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

471 kB
Transfer

1286 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paymydoctor.online/ HTTP 301
    https://paymydoctor.online/ HTTP 301
    https://www.paymydoctor.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.paymydoctor.online/
Redirect Chain
  • http://paymydoctor.online/
  • https://paymydoctor.online/
  • https://www.paymydoctor.online/
67 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paymydoctor.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.6.0
Resource Hash
1bbbbaa14ef6c9d2a60e998cc18b84dc4426fcc8b6c70799d275c4cfceab6ad1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=610,public
cf-cache-status
DYNAMIC
cf-ray
833d5444fd1e9ba4-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 11 Dec 2023 11:18:51 GMT
expires
Mon, 11 Dec 2023 11:29:00 GMT
last-modified
Mon, 11 Dec 2023 10:29:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1OUADffyRmFs4vfvc3uP1VTHtC78dHARfQwMWKPQjgva9TQO3qcQlPq90qUx7zc9gQrk0%2F6WtvY2jCaBPnynXUFiqZL0CIWcx259LW7ENj3wvkhByfLCIw70zENIXl1Z%2BQ8KRf7u0Tdya8V4ffCCqwRhmly"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Cookie
x-powered-by
W3 Total Cache/2.6.0
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
DYNAMIC
cf-ray
833d54407fc79ba4-FRA
content-type
text/html; charset=UTF-8
date
Mon, 11 Dec 2023 11:18:50 GMT
expires
Mon, 11 Dec 2023 12:18:50 GMT
location
https://www.paymydoctor.online/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WA3fX95T%2BG5%2FvUa68lWbKNxNgqHN%2B9BjLLv0xUQk2L5yA0CFmvQAMkqxHnfby6SVkswiQa44RpFwK0af0HhCB3CgXhm80qiRtRAiCcoB1srKkPmcB6CTxhh0wSWNVN4v0MB9J0ANUVXm4VG4mk5UFRY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-redirect-by
WordPress
x-turbo-charged-by
LiteSpeed
lazyload.min.js
www.paymydoctor.online/wp-content/plugins/w3-total-cache/pub/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paymydoctor.online/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.6
Resource Hash
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paymydoctor.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2990
x-powered-by
W3 Total Cache/2.2.6
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 20 Nov 2023 06:51:15 GMT
server
cloudflare
etag
W/"1883-655b01e3-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1y408AzAZRvz9BL8PG1m3ZfehwzKGeEhQRdSD3fktWUJfVJ23ktQaEPuUfkJFT3n%2FC5o9O70ST%2FxnydZbfGF1t7BGBlANqh0amhaVF8Hxi2FSF9MKuBrNkTkgghzzfj%2F824RxEbts%2BqC9CH5uo5F9QlLiZ4u"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
833d544939f99ba4-FRA
expires
Tue, 10 Dec 2024 10:29:01 GMT
a5ff7.css
www.paymydoctor.online/wp-content/cache/minify/ 		107 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paymydoctor.online/wp-content/cache/minify/a5ff7.css
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.6.0
Resource Hash
3d5be68950b09024cb39900c736cf39c2dda19655d3852a87e2a78acd2767c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paymydoctor.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2990
x-powered-by
W3 Total Cache/2.6.0
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 09 Dec 2023 15:41:13 GMT
server
cloudflare
etag
W/"37f6-65748a99-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xj2lQafc7Y0%2FAtwnZOMPfHH%2Fn63vAGq%2B%2BG6UjfwBRHw0BxCZ8l0V6kiTLQL8GX%2BjIcdZcAaPMTO%2BVQL6i38KEgZSNCqsy4tZ0ml2w8NV%2BFeOooXwrV6vtDHLk2rJ44srCRUlFNEa10qv4cwOKSiamzEe8UJK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
833d544939f09ba4-FRA
expires
Tue, 10 Dec 2024 10:29:01 GMT
6ac83.css
www.paymydoctor.online/wp-content/cache/minify/ 		41 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paymydoctor.online/wp-content/cache/minify/6ac83.css
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.6.0
Resource Hash
ff6d03f45388b7cef7bb067ce45d9a61169199dd61ab805b2e7e3def60f72031

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paymydoctor.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2990
x-powered-by
W3 Total Cache/2.6.0
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Dec 2023 15:08:15 GMT
server
cloudflare
etag
W/"2028-6575d45f-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJ1NdIqDXTqjevNRetPkrLI76iaoJGlbOwcigPbOGfVnqiL4JVTCK526qfp2iNbMQsKm4RUgbjCHulmIm99QrEaIXc1o70EdtoWPbHQf49ot0mrBtugZlH0LfAbUSacZJEpfyH5fZLV59mH9hMj1ObZnBRgv"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
833d544939f29ba4-FRA
expires
Tue, 10 Dec 2024 10:29:01 GMT
bf29a.css
www.paymydoctor.online/wp-content/cache/minify/ 		31 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paymydoctor.online/wp-content/cache/minify/bf29a.css
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.6.0
Resource Hash
3a494cb8a3fc5345ca81844d27d3e0834aa754aeaa0056f1710a1df56acd983c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paymydoctor.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2990
x-powered-by
W3 Total Cache/2.6.0
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Dec 2023 15:08:15 GMT
server
cloudflare
etag
W/"1a8e-6575d45f-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FO36ft%2F3fuuXNLOdGYttYg0MVwfmISXfN2J03sLBPESQlUuihoz7DpzQh5udlRc13SoGI%2FrYbcBqOK1tLW4GHPfYvhgw8LEYNqYEk0tUqVAtbCp4KxJzWpt11RQAWA71qzebRIUBFRgQTfUwjQ0wHtM8wMGL"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
833d544939f59ba4-FRA
expires
Tue, 10 Dec 2024 10:29:01 GMT
dd4dd.css
www.paymydoctor.online/wp-content/cache/minify/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paymydoctor.online/wp-content/cache/minify/dd4dd.css
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.6.0
Resource Hash
646ed060647db2c125639c876b238d9ea02c276dad163e027c2fa9833b944d1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paymydoctor.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2990
x-powered-by
W3 Total Cache/2.6.0
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Dec 2023 15:08:15 GMT
server
cloudflare
etag
W/"c2f-6575d45f-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1nbN%2B0U3LfdspZYW0qKK5SyrzHLuz9cQWA%2BXBlMkIX%2B8Xt8TeERSN5I0jRFGL41QHGGvrytSmsYBaIAKh6VTrAMXhpkf9vmwB6EOuYXM1husuSjAMAuJzfQf31Tfgr4vfkqcGdBNQIloEEDdodowP0EgWdk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
833d544939f89ba4-FRA
expires
Tue, 10 Dec 2024 10:29:01 GMT
818c0.js
www.paymydoctor.online/wp-content/cache/minify/ 		99 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paymydoctor.online/wp-content/cache/minify/818c0.js
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.6.0
Resource Hash
fbb5f2ccde427720073f4757673dfc6912f94de36841444083b4da740fef9576

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paymydoctor.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2990
x-powered-by
W3 Total Cache/2.6.0
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Dec 2023 15:08:15 GMT
server
cloudflare
etag
W/"861e-6575d45f-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9lvbVyFssE2HlFKLmtiTo00ibLjo2xda%2F41YtiP%2BsVdCe6mM%2BMOKKL63df6eEbyFjzS26kwElRP5okMQ%2FNOXtc1u1N%2Byx2%2FsourPXM%2BzpvNh2TfjZ3F2VyAhy0iteA4FQGk77H9W2YjPyTjcGdPdzEzcVFY"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
833d544939fa9ba4-FRA
expires
Tue, 10 Dec 2024 10:29:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5782915366189302
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6d1047b9b8b20d29d5c78079642b6bf8974de820b3151aba53df43f5d82e8a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paymydoctor.online/
Origin
https://www.paymydoctor.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51454
x-xss-protection
0
server
cafe
etag
9279091436631355693
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 11:18:51 GMT
1f540.js
www.paymydoctor.online/wp-content/cache/minify/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paymydoctor.online/wp-content/cache/minify/1f540.js
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.6.0
Resource Hash
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paymydoctor.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2990
x-powered-by
W3 Total Cache/2.6.0
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Dec 2023 15:08:15 GMT
server
cloudflare
etag
W/"c74-6575d45f-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTonv%2BGxKUG%2BcnsB6lTQpBV2uzpdxhGjPoO%2B11FQ4VraUQbI7E7TbHV0YFYzdLXJueUz%2FZkCdccSYNUvCXyGYVcAX4f4rDfc7Keot2B3WtvOoq40TBnFVbz%2FzDA9XTmhYjUGaQ6vmbP2EX0da%2FfzTBUEGcL2"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
833d544939fb9ba4-FRA
expires
Tue, 10 Dec 2024 10:29:01 GMT
4d554.js
www.paymydoctor.online/wp-content/cache/minify/ 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paymydoctor.online/wp-content/cache/minify/4d554.js
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.6.0
Resource Hash
fa65d8e62e4c45aff0de6a7a02a883e6068bd08eb83866273ae5723d5420fba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paymydoctor.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2990
x-powered-by
W3 Total Cache/2.6.0
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Dec 2023 15:08:15 GMT
server
cloudflare
etag
W/"39ff-6575d45f-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnGxxZpI2U2GWwDkUuBe4cziy%2FOAvWTpBLlmmsFtuu4c4saVrhMeqJIRQtls%2BRe32mtf3ed8UaCmFVNZCbg9uKOqMLr0ZHoBFWGEVBuZlC9HeU8iA1P9M2GZjqGFAoQsyUVvt5tJSnJYpXij6vc%2FQr70URyR"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
833d544939fd9ba4-FRA
expires
Tue, 10 Dec 2024 10:29:01 GMT
8d749.js
www.paymydoctor.online/wp-content/cache/minify/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paymydoctor.online/wp-content/cache/minify/8d749.js
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.6.0
Resource Hash
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paymydoctor.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2990
x-powered-by
W3 Total Cache/2.6.0
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 09 Dec 2023 15:41:13 GMT
server
cloudflare
etag
W/"680-65748a99-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8ioSus9HIViLzUz1UdioQ962pZ164q0DpR0ftqWyKeDP%2FDr536OfrLZS4pArHh54t2LweSlOPuyfhOLWDjMHK7jy3EVW9A%2FbVJ7BDdziAR2gJ2PN5EzOKadQ5GD0wjqlIX4rX6CBnAXuZXah8cxKY8w4vy2"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
833d544939fe9ba4-FRA
expires
Tue, 10 Dec 2024 10:29:01 GMT
fa8fa.js
www.paymydoctor.online/wp-content/cache/minify/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paymydoctor.online/wp-content/cache/minify/fa8fa.js
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.6.0
Resource Hash
21d9610725648cd536ccb9178ae2657291b2bf0371a4f4fe9b429bc0e378e3e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paymydoctor.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2989
x-powered-by
W3 Total Cache/2.6.0
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 09 Dec 2023 15:44:54 GMT
server
cloudflare
etag
W/"758a-65748b76-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVLwthkDMx3grcdq%2BXUDOvUadolNeAMuddNolGYZsRDi49y6M61BySShmqc9CM2RmPXKa88YliPEAfkRdWH6C%2F0dkMhpzc12%2FVHZgOP1T%2FeF3oLCw4shc41c%2Fvifmk6ycF4RNtM3JwKcRPN7vL4ZalfvIsqN"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
833d544939ff9ba4-FRA
expires
Tue, 10 Dec 2024 10:29:01 GMT
45ffb.js
www.paymydoctor.online/wp-content/cache/minify/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paymydoctor.online/wp-content/cache/minify/45ffb.js
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.6.0
Resource Hash
a88ba0b09a4416c080044dc095eabf66ca59e4d12a1d6201457b693687be85d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paymydoctor.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2989
x-powered-by
W3 Total Cache/2.6.0
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 09 Dec 2023 15:41:13 GMT
server
cloudflare
etag
W/"69c-65748a99-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4nyz%2FwAtSO2Cu8KI4DSz66nvZiVdj4mhY2KelQkEJeyjTiE6qsGm4CbGXP47qrSO6q4bzLzhPSxcX5rCr3tgra7uJalJIccv1p1Ic0fP7xcz35pKQejXZGL1myzKAmO10qODDxRJShoSxPx%2BwnoxKfdxPbL"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
833d54498a619ba4-FRA
expires
Tue, 10 Dec 2024 10:29:02 GMT
f4bea.js
www.paymydoctor.online/wp-content/cache/minify/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paymydoctor.online/wp-content/cache/minify/f4bea.js
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.6.0
Resource Hash
ec69700d53187dab72f18d3073acc71161dd3d20c205d73611f007b3bcd5ad4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paymydoctor.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2989
x-powered-by
W3 Total Cache/2.6.0
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 09 Dec 2023 15:44:54 GMT
server
cloudflare
etag
W/"deb-65748b76-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jmh2Nek3%2BajXG046Nxum%2F2hTeqXvWYKJuWGn7MNxphnzxz%2FBHks45cteIc%2BRDQ87eA1ioILWkPoMQSUEKCmffUR1URsEQ%2Fa2wFeBXGP1wMRg%2FMC4Se3%2B1xrIrLEyXazVT09Qo6%2BXcCBZrg1v5XU%2B%2BohGxBy"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
833d54499a719ba4-FRA
expires
Tue, 10 Dec 2024 10:29:02 GMT
92e35064-38ed-4d1a-958b-75eb64d33f1f
https://www.paymydoctor.online/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.paymydoctor.online/92e35064-38ed-4d1a-958b-75eb64d33f1f
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
invoke.js
boilerefforlessefforlessregistered.com/13a2988ccfaffc866b76ab24214f7863/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://boilerefforlessefforlessregistered.com/13a2988ccfaffc866b76ab24214f7863/invoke.js
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://www.paymydoctor.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 11 Dec 2023 11:18:51 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
generatepress.woff2
www.paymydoctor.online/wp-content/themes/generatepress/assets/fonts/ 		1 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paymydoctor.online/wp-content/themes/generatepress/assets/fonts/generatepress.woff2
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/wp-content/cache/minify/dd4dd.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.6
Resource Hash
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Request headers

Referer
https://www.paymydoctor.online/wp-content/cache/minify/dd4dd.css
Origin
https://www.paymydoctor.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2989
x-powered-by
W3 Total Cache/2.2.6
alt-svc
h3=":443"; ma=86400
content-length
1264
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 16 Sep 2023 05:19:37 GMT
server
cloudflare
etag
"4f0-65053ae9-0;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uib7aEeFPZHvR6aXoC6fxpp9qBaMPOgflk6t1u2Ui9Jsz70LfwZw%2BpAVWxiAboM3QEY4ROduIMBxwWqQQFp1mnG6q6zi7NnJl6ZzEOp4q62ylFcgnmWxzD4iWS2Pz9RrdDOsXlcTODYa%2F0ufJgy9Xt%2FqW86t"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833d54499a759ba4-FRA
expires
Tue, 10 Dec 2024 10:29:02 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5782915366189302&plah=www.paymydoctor.online&bust=31080037
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5782915366189302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8154f9d06bd18ab8949766d60f8d241844d1724712f48c65bdf2a1af1463f859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paymydoctor.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137978
x-xss-protection
0
server
cafe
etag
7659917446816762254
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 11:18:51 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame 0320 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5782915366189302
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paymydoctor.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57111
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 19:27:00 GMT
etag
5585625838579639069
expires
Sun, 24 Dec 2023 19:27:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D601 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5782915366189302&output=html&adk=1812271804&adf=3025194257&lmt=1702290540&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fwww.paymydoctor.online%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702293531280&bpp=3&bdt=220&idt=234&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2993811579095&frm=20&pv=2&ga_vid=446911433.1702293532&ga_sid=1702293532&ga_hid=1230871550&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079864%2C44795922%2C31080037%2C44800659%2C95320885&oid=2&pvsid=3782773436899597&tmod=119913877&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=248
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5782915366189302&plah=www.paymydoctor.online&bust=31080037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paymydoctor.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 11:18:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b73cf3c977e9fee627722e46cf93db053057757be56f924abeba6633cf65fc60

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
invoke.js
boilerefforlessefforlessregistered.com/5ed9b467cc480e94dfcf9242f6156949/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://boilerefforlessefforlessregistered.com/5ed9b467cc480e94dfcf9242f6156949/invoke.js
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://www.paymydoctor.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 11 Dec 2023 11:18:51 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
invoke.js
boilerefforlessefforlessregistered.com/c7dd6b74b59c9d403a2a58e78417d74d/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://boilerefforlessefforlessregistered.com/c7dd6b74b59c9d403a2a58e78417d74d/invoke.js
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://www.paymydoctor.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 11 Dec 2023 11:18:51 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b83f81f55fa09e83b30b4d9dc24f72d60975809524b46537665fda7d9ad8119e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
85acea3afdb82166f77309da3ef8e9d14c1d38299b00852642045e0dc225608f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
483784ecdf80ccaffd50869e23e2efdbeed9343b1b4c7dae837667e4984a68a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
fontawesome-webfont.woff
www.paymydoctor.online/wp-content/plugins/responsive-accordion-and-collapse/css/font-awesome/fonts/ 		82 KB
82 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paymydoctor.online/wp-content/plugins/responsive-accordion-and-collapse/css/font-awesome/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/wp-content/cache/minify/6ac83.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:dd2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.6
Resource Hash
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Request headers

Referer
https://www.paymydoctor.online/wp-content/cache/minify/6ac83.css
Origin
https://www.paymydoctor.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:53 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.6
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 20 Nov 2023 06:51:08 GMT
server
cloudflare
etag
W/"14730-655b01dc-0;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pZVrweBwuOzrEh18CKTGk79%2BACFaILrTjSoxgiEF4XRb0dyKSgmxAIdG4jLlYtlhqNe1H8Zcf%2FXtM7Ywdzqjhp9jCimh37lxbFxx7kB2HMIQhCIpqvdKhIyTVTIMdKCmrE13hAIQOpVUQuIT%2FBExyQu6Csd"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
833d544f8f3e6eb4-CDG
expires
Tue, 10 Dec 2024 11:18:52 GMT
wp-emoji-release.min.js
www.paymydoctor.online/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paymydoctor.online/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:dd2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.6
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paymydoctor.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:52 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.6
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 16 Sep 2023 05:26:15 GMT
server
cloudflare
etag
W/"4904-65053c77-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fPpQhNofJQTJ56iI1ikuqFMjM4Miyd1opHgmdMkSKrbu%2FzDaG8ZRjbWHYc7MuNGA1wWrhDZs3tsIgg8qoGLT5SJNVJ%2FB7nJs%2BobKtWlEmw5doW3Sz1M9RHC8rH8xhP%2B%2FNgcwB0xFKQOd7S4HGKyi%2BH%2BDdy%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
833d544f9f4b6eb4-CDG
expires
Tue, 10 Dec 2024 11:18:52 GMT
truncated
/ 		980 B
980 B 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7dfd0cc0bc2c551f9779249efaac0a586b85fa33f11f5b3cbda5093a01ea3e42

Request headers

Referer
Origin
https://www.paymydoctor.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
paymydoctor-logo.png
www.paymydoctor.online/wp-content/uploads/2020/04/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paymydoctor.online/wp-content/uploads/2020/04/paymydoctor-logo.png
Requested by
Host: www.paymydoctor.online
URL: https://www.paymydoctor.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:dd2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.6
Resource Hash
2708cbc6f1822ab9da0d2d1f30de8a34568f0a34672c06af169905d9c3759d75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paymydoctor.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:52 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.6
alt-svc
h3=":443"; ma=86400
content-length
5387
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 26 Apr 2020 03:25:15 GMT
server
cloudflare
etag
"150b-5ea4ff1b-0;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKwawgbXHpVk8jQKyu0CmqZ1EfZMZKIfQMOdco4MQ97a17lXTdEE9XyLFrgVbF8YNmgaHbVY0SzoihRGw864YgTWGVk1qPiohaNLRABQWZV76dSmn7tVg7O8xuHmecUJczwcVdfF7Jw1ZDBC7Lu1ZnqDh87S"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833d544fcf766eb4-CDG
expires
Tue, 10 Dec 2024 11:18:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5782915366189302&plah=www.paymydoctor.online&bust=31080037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9272115c672f530dd70ec5fd2247a6ae2c69cb9ddc9545e5656c65319b39a20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paymydoctor.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12275
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5782915366189302&plah=www.paymydoctor.online&bust=31080037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paymydoctor.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Dec 2023 11:18:53 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1B94 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paymydoctor.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 10:37:55 GMT
expires
Tue, 10 Dec 2024 10:37:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 37B4 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b71c3190a03f27d65063236c9a64e33dc4a3c1e123da414e813fe01add499920
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-W9Jrjl7vcVJcXbwIzFh5Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paymydoctor.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-W9Jrjl7vcVJcXbwIzFh5Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 11:18:53 GMT
expires
Mon, 11 Dec 2023 11:18:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 1B94 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 09:53:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
5126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Dec 2024 09:53:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 37B4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=3782773436899597&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 1B94 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?9GVfyA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:18:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=3782773436899597&bg=!KSqlKmXNAAY3kmNgF5I7ADQBe5WfOPj49cKGtrsH15MDAMtfzNn9a2OkvIK3POt-YJaOEnpkTARy76eRad6SYMWNcGXRAgAAAEZSAAAAAWgBBwoALqKVMkE_DAqCDLZ_5ekHmQN8ESlgnuvG1Tf2XmDE0Z6wJHHRI7NoL7EQHSQQn3GZAv3PHbpY_u7hDBZTdUAQPr9UH6NqGClouy9VWqjUkF3CJtHR0yCI8g7ex_Uao78hDvCRMN3T4wRcCXrjWVN-n8uj9So-4mms4qtpYWqOdJQPjqCgUFLFvUEcJp2x_ovq8OnW0yjQ1OpIQO0rzSd3p3zxN--n6zZT_aHf8pi5rOSY3utRTNf5WIM8FKcAJBd9MB4JBocO86DMzTW8Z_OZaBkdAjiw7EsoFa62dtWIbzZoC2evaqEfavSEtFK5y5skgGLCqNzJEEzeeqs8qwnEgBU_zeWoJjs0WsSvrRHogiBqI2xoDc7hyi2089ztodDnkBQI3GIl2RCbmoaHYLTbYJib2X09ZeGYp6Xqd90LLIJxScMc_xIAO03R9nGibbNHiArPZNwMvK2iTDnD3_-vlM2ZMQaEVl5mr2qhejuej-505GVRj6u_tC8kf22UTwjw6VdjApAFXQiirbALa64lQsIutyFBIOzF6BhPJkyM9ECXeKJAuwtZHDV2p42x0E7yRspnR6WOW76Wo1mMpYopwHq_gwyl6J_B4jIn5C7AbyaXQ2tquiRxHnl7c1GkIXjNGdOaw8H5GzLYqxaGI_Bq2OEEt2cdP7hoPxBz8yjsmEamWUm-axEilk0lXPBtXYKxkzPgkhb7f3aM-CfIBksHyq4dq-L0AqFfsEf5M_PkaWpElG6JZ3NDe5GwLTlFD3TRsPwTpEO7ltw2NvReIQJzhD05i6uv5GMvjSFfhh42RuZputZSoob1vYjuIwP5VkK0HdHKo0pcwk8SgyWx-LEe19vs4NXjSKQZhytijWZOz0YdAXVcoGT_O7PBAdMCoKqVhr9VXHiNn43D6r_zKaZxmgZ3zpX1eKWEx5w8pO6yiTRe2YAAxNJkk0A8flLB81hkbrpEz8MOrXo7q0pYcdAWW9Ra7Ojr-Sz_cEZJ9xBhdu6IkAsQanspseH22FnUCp0h-Oewn7rquqzMOX9PGP4aSDxRD11AMHUxF0_kZa4MjK6i8XJsGZIhvXh8Pa4jbXc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paymydoctor.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| _wpemojiSettings undefined| $ function| jQuery object| atOptions object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| do_resize object| swv object| wpcf7 object| generatepressMenu object| generatepressBackToTop function| DataTable number| w3tc_lazyload object| lazyLoadOptions function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof object| addComment function| LazyLoad object| twemoji object| wp object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

10 Console Messages

Source Level URL
Text
javascript warning URL: https://www.paymydoctor.online/(Line 166)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://boilerefforlessefforlessregistered.com/13a2988ccfaffc866b76ab24214f7863/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.paymydoctor.online/(Line 166)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://boilerefforlessefforlessregistered.com/13a2988ccfaffc866b76ab24214f7863/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5782915366189302&output=html&adk=1812271804&adf=3025194257&lmt=1702290540&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fwww.paymydoctor.online%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702293531280&bpp=3&bdt=220&idt=234&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2993811579095&frm=20&pv=2&ga_vid=446911433.1702293532&ga_sid=1702293532&ga_hid=1230871550&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079864%2C44795922%2C31080037%2C44800659%2C95320885&oid=2&pvsid=3782773436899597&tmod=119913877&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=248
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://boilerefforlessefforlessregistered.com/13a2988ccfaffc866b76ab24214f7863/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://www.paymydoctor.online/(Line 182)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://boilerefforlessefforlessregistered.com/5ed9b467cc480e94dfcf9242f6156949/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.paymydoctor.online/(Line 182)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://boilerefforlessefforlessregistered.com/5ed9b467cc480e94dfcf9242f6156949/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://boilerefforlessefforlessregistered.com/5ed9b467cc480e94dfcf9242f6156949/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://www.paymydoctor.online/(Line 196)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://boilerefforlessefforlessregistered.com/c7dd6b74b59c9d403a2a58e78417d74d/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.paymydoctor.online/(Line 196)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://boilerefforlessefforlessregistered.com/c7dd6b74b59c9d403a2a58e78417d74d/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://boilerefforlessefforlessregistered.com/c7dd6b74b59c9d403a2a58e78417d74d/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

boilerefforlessefforlessregistered.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
paymydoctor.online
tpc.googlesyndication.com
www.google.com
www.paymydoctor.online
192.243.59.13
2606:4700:3032::6815:237c
2606:4700:3034::ac43:dd2d
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:82f::2002
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
1bbbbaa14ef6c9d2a60e998cc18b84dc4426fcc8b6c70799d275c4cfceab6ad1
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
21d9610725648cd536ccb9178ae2657291b2bf0371a4f4fe9b429bc0e378e3e9
2708cbc6f1822ab9da0d2d1f30de8a34568f0a34672c06af169905d9c3759d75
3a494cb8a3fc5345ca81844d27d3e0834aa754aeaa0056f1710a1df56acd983c
3d5be68950b09024cb39900c736cf39c2dda19655d3852a87e2a78acd2767c42
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
483784ecdf80ccaffd50869e23e2efdbeed9343b1b4c7dae837667e4984a68a7
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
646ed060647db2c125639c876b238d9ea02c276dad163e027c2fa9833b944d1b
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
7dfd0cc0bc2c551f9779249efaac0a586b85fa33f11f5b3cbda5093a01ea3e42
8154f9d06bd18ab8949766d60f8d241844d1724712f48c65bdf2a1af1463f859
85acea3afdb82166f77309da3ef8e9d14c1d38299b00852642045e0dc225608f
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
a88ba0b09a4416c080044dc095eabf66ca59e4d12a1d6201457b693687be85d3
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
b71c3190a03f27d65063236c9a64e33dc4a3c1e123da414e813fe01add499920
b73cf3c977e9fee627722e46cf93db053057757be56f924abeba6633cf65fc60
b83f81f55fa09e83b30b4d9dc24f72d60975809524b46537665fda7d9ad8119e
c9272115c672f530dd70ec5fd2247a6ae2c69cb9ddc9545e5656c65319b39a20
d6d1047b9b8b20d29d5c78079642b6bf8974de820b3151aba53df43f5d82e8a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec69700d53187dab72f18d3073acc71161dd3d20c205d73611f007b3bcd5ad4f
fa65d8e62e4c45aff0de6a7a02a883e6068bd08eb83866273ae5723d5420fba5
fbb5f2ccde427720073f4757673dfc6912f94de36841444083b4da740fef9576
ff6d03f45388b7cef7bb067ce45d9a61169199dd61ab805b2e7e3def60f72031