urlscan.io logo urlscan.io
SecurityTrails logo

doctorultauonline.com Open in urlscan Pro
176.126.202.101  Public Scan

Go To Rescan Add Verdict Report
URL: http://doctorultauonline.com/
Submission: On March 07 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 4 countries across 20 domains to perform 219 HTTP transactions. The main IP is 176.126.202.101, located in Romania and belongs to GTS-BACKBONE GTS Telecom, RO. The main domain is doctorultauonline.com.
This is the only time doctorultauonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
43 176.126.202.101 5606 (GTS-BACKB...)
17 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
31 2a03:2880:f02... 32934 (FACEBOOK)
2 2606:2800:234... 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
17 2606:4700::68... 13335 (CLOUDFLAR...)
10 104.19.134.78 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
8 142.250.181.226 15169 (GOOGLE)
3 2a03:2880:f12... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.200 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
1 104.19.136.78 13335 (CLOUDFLAR...)
219 27
43    176.126.202.101 (Romania)

ASN5606 (GTS-BACKBONE GTS Telecom, RO)
PTR: extreme01.octosquid.com
doctorultauonline.com
17    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
8    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
31    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
scontent.xx.fbcdn.net
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
3    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
17    2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
10    104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
3    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
15    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
6    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
3    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)
api.demand.supply
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
33006ed7b42f1d454ddcec9cdd52e250.safeframe.googlesyndication.com
24    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
Apex Domain
Subdomains		 Transfer
43 doctorultauonline.com
doctorultauonline.com
697 KB
42 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
33006ed7b42f1d454ddcec9cdd52e250.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
539 KB
29 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 635
scontent.xx.fbcdn.net — Cisco Umbrella Rank: 391
654 KB
19 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
294 KB
19 demand.supply
live.demand.supply — Cisco Umbrella Rank: 27971
api.demand.supply — Cisco Umbrella Rank: 52735
35 KB
12 gstatic.com
www.gstatic.com
fonts.gstatic.com
159 KB
11 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 8333
c.mgid.com — Cisco Umbrella Rank: 6428
cdn.mgid.com — Cisco Umbrella Rank: 10514
servicer.mgid.com — Cisco Umbrella Rank: 8449
s-img.mgid.com — Cisco Umbrella Rank: 7801
cm.mgid.com — Cisco Umbrella Rank: 2218
90 KB
9 google.com
apis.google.com — Cisco Umbrella Rank: 83
adservice.google.com — Cisco Umbrella Rank: 57
www.google.com — Cisco Umbrella Rank: 2
74 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
5 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
153 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
1 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
30 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 2955
onesignal.com — Cisco Umbrella Rank: 1292
73 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
148 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 525
syndication.twitter.com — Cisco Umbrella Rank: 769
133 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124
83 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 716
654 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
28 KB
0 pushgoo.ru Failed
pushgoo.ru Failed
219 20
Domain Requested by
43 doctorultauonline.com doctorultauonline.com
27 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
24 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
17 live.demand.supply doctorultauonline.com
live.demand.supply
client
17 pagead2.googlesyndication.com doctorultauonline.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
12 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
doctorultauonline.com
8 www.gstatic.com doctorultauonline.com
googleads.g.doubleclick.net
7 securepubads.g.doubleclick.net live.demand.supply
securepubads.g.doubleclick.net
6 www.google-analytics.com doctorultauonline.com
www.google-analytics.com
www.googletagmanager.com
6 fonts.googleapis.com doctorultauonline.com
googleads.g.doubleclick.net
4 cdn.mgid.com jsc.mgid.com
4 www.googletagservices.com googleads.g.doubleclick.net
4 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
3 www.google.com 2 redirects tpc.googlesyndication.com
3 www.facebook.com doctorultauonline.com
static.xx.fbcdn.net
3 www.googletagmanager.com doctorultauonline.com
2 cm.mgid.com jsc.mgid.com
2 scontent.xx.fbcdn.net www.facebook.com
2 api.demand.supply live.demand.supply
2 cdn.onesignal.com doctorultauonline.com
cdn.onesignal.com
2 jsc.mgid.com doctorultauonline.com
jsc.mgid.com
2 apis.google.com doctorultauonline.com
apis.google.com
2 platform.twitter.com doctorultauonline.com
platform.twitter.com
2 connect.facebook.net doctorultauonline.com
connect.facebook.net
1 s-img.mgid.com
1 servicer.mgid.com jsc.mgid.com
1 c.mgid.com jsc.mgid.com
1 33006ed7b42f1d454ddcec9cdd52e250.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 syndication.twitter.com platform.twitter.com
1 onesignal.com cdn.onesignal.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdnjs.cloudflare.com doctorultauonline.com
0 pushgoo.ru Failed doctorultauonline.com
219 35

This site contains links to these domains. Also see Links.

Domain
www.holidayplus.ro
sulvo.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
doctorultauonline.com
cPanel, Inc. Certification Authority		 2022-02-13 -
2022-05-14		 3 months crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2021-04-21 -
2022-04-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-14 -
2022-03-14		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-31 -
2022-10-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh

This page contains 20 frames:

Primary Page: http://doctorultauonline.com/
Frame ID: FC1640117D02985C09D77A28E92E74BC
Requests: 123 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20190131/zrt_lookup.html
Frame ID: ACCD3254CF4BFB8FF7A1D32FA0572AA8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flikebox.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdoctorultauonline%252F%26width%3D300%26height%3D250%26colorscheme%3Dlight%26show_faces%3Dtrue%26header%3Dfalse%26stream%3Dfalse%26show_border%3Dfalse
Frame ID: AD7BEBAA78821A37F48A27BB7B34E528
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7763921180411490&output=html&adk=1812271804&adf=3025194257&lmt=1646655433&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fdoctorultauonline.com%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&dt=1646655432791&bpp=5&bdt=773&idt=235&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6721682156034&frm=20&pv=2&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=1886255259&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=270
Frame ID: A14F01F904BE71B44827B247C2C707D4
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=http%3A%2F%2Fdoctorultauonline.com
Frame ID: BD4FB27C1CFB20026D133797B90A1AD6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7763921180411490&output=html&h=600&slotname=7762346353&adk=3311768508&adf=4279029712&pi=t.ma~as.7762346353&w=300&lmt=1646655433&psa=0&format=300x600&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655432889&bpp=3&bdt=871&idt=194&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6721682156034&frm=20&pv=1&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1080&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=1886255259&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pbwyfvdKBe&p=http%3A//doctorultauonline.com&dtd=205
Frame ID: B0C8BD18EA75489E5D77C7737049079E
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=2c94045f-bb3a-49b9-b97d-a07d1fee46ba&adk=1004640193&adf=1248439354&pi=t.ma~as.2c94045f-bb3a-49b9-_&w=728&lmt=1646655433&psa=0&format=728x90&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655433263&bpp=2&bdt=1245&idt=2&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6721682156034&frm=20&pv=2&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=375984350&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=e7uIalTgAo&p=http%3A//doctorultauonline.com&dtd=5
Frame ID: 8FBB21796074285961161CACE11411A8
Requests: 11 HTTP requests in this frame

Frame: https://33006ed7b42f1d454ddcec9cdd52e250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 60958BF8E5F843B7B8A17342A80B5D0E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
Frame ID: 74AD49B33A45A0C1E5711DDE1A111BFD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5035D14E6A12D4EAF398DC9B19E0FDD9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Frame ID: BD06841F09586EA212C2C4C50B2BE20F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CAD0AF631714ADDB58C21F902EB8F7A4
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 6D1E1A1D4BEAF330FF8B6DF910E77B58
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 268874B64292972C18EA63080DEB9216
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
Frame ID: 2A9C2FCF345C11BC3879B82FA0A50EC8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
Frame ID: 29703084CCE55FB8B83251FD42C0C3AC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
Frame ID: 327EA34C8CFBC1A12F977883B8C84FCB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B2856C84933FE2B38A6A412113A00DCC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2A69FB3886F7F77CD0CFA7815A4FAB58
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1646655435703717922706
Frame ID: 7270A920337E7E565F7EAE4DD2A9FA61
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

doctorultauonline.com - Mananci sanatos, traiesti bine !

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

219
Requests

77 %
HTTPS

81 %
IPv6

20
Domains

35
Subdomains

27
IPs

4
Countries

3215 kB
Transfer

8533 kB
Size

15
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • http://connect.facebook.net/en_US/all.js HTTP 307
  • https://connect.facebook.net/en_US/all.js
Request Chain 85
  • http://www.googletagmanager.com/gtag/js?id=G-2TVEG2Y6KG&l=dataLayer&cx=c HTTP 307
  • https://www.googletagmanager.com/gtag/js?id=G-2TVEG2Y6KG&l=dataLayer&cx=c
Request Chain 189
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 200
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

219 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
doctorultauonline.com/ 		95 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
db9639cf03f1139f50fe2ab13e4d642aac4e39f68adf15e8ac0649796b23eaac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
transfer-encoding
chunked
content-encoding
gzip
vary
Accept-Encoding
date
Mon, 07 Mar 2022 12:17:11 GMT
server
LiteSpeed
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4d9d91a3c3263a4c0b51389fc213123193e782cc48da6214c1b66ba57b7ca9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53941
x-xss-protection
0
server
cafe
etag
2269125394195867172
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 07 Mar 2022 12:17:12 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		85 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
480300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27433
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FgJCTQIJup7nac5AOSiQ%2F0RSSFzn2jT8LGotNAdrOF1DHMoqQ1ArCJELM0N3Kj%2Blc%2BEYYaOR4Y2eS1koR5Bo%2FofcoSL%2BkHu6AK%2FRgSUM87uVOHZq6bl1kg0EfcqlVP4gJjvEITIzyqEH8JGXJTtMQsQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e83444308ba405d-LHR
expires
Sat, 25 Feb 2023 12:17:12 GMT
firebase-app.js
www.gstatic.com/firebasejs/5.8.2/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.8.2/firebase-app.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17e7c611dac721a18c35c681611cfcf5ccf48c420b9358f8cc383174342669c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 05 Mar 2022 21:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12439
x-xss-protection
0
last-modified
Fri, 01 Feb 2019 00:49:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 Mar 2023 21:30:27 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.8.2/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.8.2/firebase-messaging.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 18:20:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
323796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10096
x-xss-protection
0
last-modified
Fri, 01 Feb 2019 00:49:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Mar 2023 18:20:36 GMT
17
pushgoo.ru/inc/crabs_push/ 		0
0
spu.css
doctorultauonline.com/wp-content/plugins/social-popup/ 		886 B
821 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://doctorultauonline.com/wp-content/plugins/social-popup/spu.css
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
62c0127b59dcf609c49affa3b27bc1e2ce139b72a9f2f10558fc424983a6f2b6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
gzip
last-modified
Thu, 12 Sep 2019 11:44:31 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
449
expires
max-age=A10368000, public
style.min.css
doctorultauonline.com/wp-includes/css/dist/block-library/ 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://doctorultauonline.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 03:46:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
11167
expires
max-age=A10368000, public
style.css
doctorultauonline.com/wp-content/themes/jarida_copy/ 		147 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://doctorultauonline.com/wp-content/themes/jarida_copy/style.css
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
0c760d336cf32f30b37713585c0015f86e852828eaae85a6f15eb7af09aac797

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
gzip
last-modified
Tue, 18 Dec 2018 22:13:39 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
28475
expires
max-age=A10368000, public
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Oswald%3Aregular%2C700
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
810c1c3d8db2f50c9b91508cc9798d757d0355b12daa9b7ea08ffb5f868a2d63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 12:17:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Mon, 07 Mar 2022 12:17:12 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Mon, 07 Mar 2022 12:17:12 GMT
front.min.css
doctorultauonline.com/wp-content/plugins/cookie-notice/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://doctorultauonline.com/wp-content/plugins/cookie-notice/css/front.min.css
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
840711eaa754b000831567752cc1f5e460bd0f0097be8cb273230834a1a3a7a2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 08:57:16 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
1088
expires
max-age=A10368000, public
jquery.min.js
doctorultauonline.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://doctorultauonline.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
gzip
last-modified
Wed, 28 Jul 2021 14:29:40 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
30969
expires
max-age=A10368000, public
jquery-migrate.min.js
doctorultauonline.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://doctorultauonline.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
gzip
last-modified
Wed, 17 Feb 2021 15:05:07 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
4168
expires
max-age=A10368000, public
all.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/all.js
  • https://connect.facebook.net/en_US/all.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H2
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8e19cd4e07351cfb35d05a152df4a00b85eb01c8e88efac72b1c01c710ebb4ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
7K02Tvo2VO2uG+/dUffOLw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 07 Mar 2022 12:30:41 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
Vr5Yb8UKN1Il1+xEfBhyQp/7c9a1XOxhb8OvW2WlQzGRbr9WAyP7DtWnP2SOJE988Hla/UPE+XAFbQDLSjc4Gw==
x-fb-trip-id
917726464
x-fb-content-md5
b9447b15108d3a8174ae318b6c0e5010
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 07 Mar 2022 12:17:12 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"c5c47156ccb5953704e07beb764b1017"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5

Redirect headers

Location
https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://platform.twitter.com/widgets.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6731) /
Resource Hash
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 12:17:12 GMT
Content-Encoding
gzip
Age
320
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
29178
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:46:17 GMT
Server
ECS (frb/6731)
Etag
"f7f936f48944db7f829585c4368f33ae+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
plusone.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
237aa21168a7e458f506010606ab48d11c54b08221ae6297b2964ee41c71c8ad
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-En/UGgTyizOn21+MeOtXVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
cross-origin-opener-policy
same-origin
etag
"5607e44eccf70f61d1f62a4b18e3ff88"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-En/UGgTyizOn21+MeOtXVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Mon, 07 Mar 2022 12:17:12 GMT
spu.js
doctorultauonline.com/wp-content/plugins/social-popup/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://doctorultauonline.com/wp-content/plugins/social-popup/spu.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
cb729b04568f05845cba9b49cf23a7de2a458ea68a54dff3c6c8c78054c58f85

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
gzip
last-modified
Thu, 12 Sep 2019 11:44:31 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
1354
expires
max-age=A10368000, public
front.min.js
doctorultauonline.com/wp-content/plugins/cookie-notice/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://doctorultauonline.com/wp-content/plugins/cookie-notice/js/front.min.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
53c088f65c77c6b7af2804face3e267d4c1bf148177798a30fa3a15aa693c36f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 08:57:16 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
1943
expires
max-age=A10368000, public
js
www.googletagmanager.com/gtag/ 		149 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2TVEG2Y6KG
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7338e17b537df32a705639e31e704f62669d0e774e9e0c322c199ebe0df13e33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56936
x-xss-protection
0
expires
Mon, 07 Mar 2022 12:17:13 GMT
js
www.googletagmanager.com/gtag/ 		92 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-109657542-1
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e2e21fb087bb7be32af478b60561ee64a281a45f2d9f55f9fab68f053c357fc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36669
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 07 Mar 2022 12:17:13 GMT
remove-fbclid.js
doctorultauonline.com/ 		601 B
527 B 		Script
General
Check archive.org
Download Go to
Full URL
https://doctorultauonline.com/remove-fbclid.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
c8e6fcd1306718a538d693c3e307cf06eacfdd6ef7c574fb78ce0bf7b6bc3d34

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
last-modified
Wed, 16 Sep 2020 20:01:55 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10368000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
222
expires
max-age=A10368000, public
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fafdb6d06cf5096278fc749faf71ed2fb20b5d5ef6f0fab5b86f50216b9dc340
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 07 Mar 2022 12:17:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
909761358490994923
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
53934
X-XSS-Protection
0
Expires
Mon, 07 Mar 2022 12:17:12 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7763921180411490
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb70fb46897cb45ed020e4afa148ad7f7c85e6dbf89e300404af94a3e6bbd05a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://doctorultauonline.com/
Origin
http://doctorultauonline.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53993
x-xss-protection
0
server
cafe
etag
3098617682654768143
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 07 Mar 2022 12:17:12 GMT
up.js
live.demand.supply/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f60f3afea7530df0d25c667690df4d8084ed081efbb1f49efdb60f4cb805a19

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nf-request-id
01FR4KF7Y6SKPYX9KWHB1XXHA6
date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
br
cf-cache-status
HIT
age
855
cf-polished
origSize=3935
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
cf-bgj
minify
server
cloudflare
etag
W/"59de6717fa079a1bdca61971e7fc88e1-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
6e8344435b3e75cc-LHR
TURISM2.jpg
doctorultauonline.com/wp-content/uploads/2021/03/ 		193 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2021/03/TURISM2.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
1721e3cda57603c78e187936ff71d5cdeb7687127341a2abba9c45ea11cc1616

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
last-modified
Wed, 03 Mar 2021 13:35:38 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
197648
expires
max-age=A10368000, public
doctorultauonline.com.1268367.js
jsc.mgid.com/d/o/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/d/o/doctorultauonline.com.1268367.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e6cd9553622fdf6ee0546107b31d8bc1b3b88e05e9c805920b19ee34200ec2d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
BWFGYNSEW4DG9K22
last-modified
Thu, 03 Mar 2022 14:27:52 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
R69CT1NuMI9nazP48L2/iWyHJbcL6sBoM4XkSJXnVqq4LTsFRgnqPplsHb+837vOD/xY90NBCJw=
cf-bgj
minify
server
cloudflare
etag
W/"e07a5b2915ed608c995e39111b147d41"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6e8344484c4f752d-LHR
expires
Mon, 07 Mar 2022 15:17:13 GMT
mlab_popup.css
doctorultauonline.com/wp-content/plugins/homepage-pop-up/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://doctorultauonline.com/wp-content/plugins/homepage-pop-up/css/mlab_popup.css
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
8baa13868d2b7762acb7166efbae7beceb4795b8676e2f4530ed2df3161efcc6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 14:30:11 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
816
expires
max-age=A10368000, public
tie-scripts.js
doctorultauonline.com/wp-content/themes/jarida_copy/js/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://doctorultauonline.com/wp-content/themes/jarida_copy/js/tie-scripts.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
650d721f07cb4a6d23313e4fb253a58ae16dbdd91e85692c1610cded90136e8e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
gzip
last-modified
Tue, 18 Dec 2018 22:13:59 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
18270
expires
max-age=A10368000, public
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1461
etag
W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6e8344480f157531-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 10 Mar 2022 12:17:12 GMT
mlab_popup.js
doctorultauonline.com/wp-content/plugins/homepage-pop-up/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://doctorultauonline.com/wp-content/plugins/homepage-pop-up/js/mlab_popup.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
2611a5f349a045baa9d8b596309a3038de42689d9d2bb38e12dc7795c6439bcf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 14:30:11 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
1067
expires
max-age=A10368000, public
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203010101/ 		291 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7763921180411490&plah=doctorultauonline.com&bust=31065414
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db68aee46705b0fb54d1c78ede443219729ff19ba305c111f0ad8be007417634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107351
x-xss-protection
0
server
cafe
etag
16457977694326175940
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 07 Mar 2022 12:17:12 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220302/r20190131/ Frame ACCD 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220302/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Mon, 07 Mar 2022 04:11:29 GMT
expires
Mon, 21 Mar 2022 04:11:29 GMT
cache-control
public, max-age=1209600
age
29143
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
all.js
connect.facebook.net/en_US/ 		282 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=e3dee33c3d79aa2879ee307f46404f42
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5693efc26042c4432a739324f2abf1c642fdad890534939a97370e4e97445b76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://doctorultauonline.com/
Origin
http://doctorultauonline.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
/VSkKykdApqeI3ELlZDyVg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 07 Mar 2023 11:00:41 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
82125
x-fb-rlafr
0
x-fb-debug
4VPmCrzKKoBksa3Qxy408D7dtqsfUST0eL64bTalJ7BR6GWnkysmoEkaSc+ltA2OeKhXj4BQ+yjKAoeyuVg5yQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
5da9804624847a379d726dbf4b7487ae
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 07 Mar 2022 12:17:12 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"5e815a5cef1f0ed46a3dd9b8d8b1c655"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/cb=gapi.loaded_0?le=oz
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
451a4ca6125cd8d5ee49f2c741d26f3a6093e88a60ead72648c18a3672cda807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 05:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52416
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 03:49:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 05:04:19 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
741
date
Mon, 07 Mar 2022 12:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 07 Mar 2022 14:04:52 GMT
Wiki-background.jpg
doctorultauonline.com/wp-content/uploads/2018/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2018/12/Wiki-background.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
45f4dc41822340da6d0c7aaff958988ef33903294b718e3be38f820fd7e2c1ad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:14 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
top-shadow.png
doctorultauonline.com/wp-content/themes/jarida_copy/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/themes/jarida_copy/images/top-shadow.png
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/wp-content/themes/jarida_copy/style.css
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
e68b5dff23d173599878ccfd05892f57a52ea1330cf5f32e4645df7b718bba10

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/wp-content/themes/jarida_copy/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
last-modified
Tue, 18 Dec 2018 22:13:58 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
5679
expires
max-age=A10368000, public
black-loader.gif
doctorultauonline.com/wp-content/themes/jarida_copy/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/themes/jarida_copy/images/black-loader.gif
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/wp-content/themes/jarida_copy/style.css
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
203ffa4da004e9074636d54e40c5ac99adc5bba492018a2bfa35cb73f58c0da3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/wp-content/themes/jarida_copy/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
last-modified
Tue, 18 Dec 2018 22:13:58 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
1737
expires
max-age=A10368000, public
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v47/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/oswald/v47/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Oswald%3Aregular%2C700
Protocol
HTTP/1.1
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0982166468cc0ec6e23155f10397456c908a0599e4eac7dd0d81431843ca503f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://doctorultauonline.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 00:06:53 GMT
X-Content-Type-Options
nosniff
Age
303019
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
17864
X-XSS-Protection
0
Last-Modified
Thu, 24 Feb 2022 18:07:48 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 04 Mar 2023 00:06:53 GMT
e.js
live.demand.supply/e/ 		0
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?e=ll&d=235&cs=c&dsReferer=aHR0cDovL2RvY3RvcnVsdGF1b25saW5lLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nf-request-id
01FV78VRFNHTBMHCRDZE13EVE4
date
Mon, 07 Mar 2022 12:17:12 GMT
cf-cache-status
HIT
age
2487643
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e834447ef87744b-LHR
impl.v14.0.0.js
live.demand.supply/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v14.0.0.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nf-request-id
01FKEFKNZGD9ZVC0KK5CB35266
date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
br
cf-cache-status
HIT
age
492493
cf-polished
origSize=79681
cf-ray
6e834447591f75cc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"ce85a984a9876904f1c4ef475c2ab350-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
1a1ceef0848eb5ea2c816e56c35b6be9fcee9295c976ac5b0da03d4552d9ac4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
server
sffe
etag
"1152 / 413 of 1000 / last-modified: 1646414401"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 07 Mar 2022 12:17:13 GMT
ZG9jdG9ydWx0YXVvbmxpbmUuY29tLw==
live.demand.supply/p4/v14-0-0/ 		533 B
472 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v14-0-0/ZG9jdG9ydWx0YXVvbmxpbmUuY29tLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f36aacb6779027d2c502516423954a55dddea655ea05025eb445d787527f77f7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6e834447592175cc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ds.2.html
live.demand.supply/ 		413 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nf-request-id
01FWBVXM47MSSXQ39ZHWQBMWYC
date
Mon, 07 Mar 2022 12:17:12 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
timing-allow-origin
*
age
1261254
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
6e834447ef82744b-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e.js
live.demand.supply/x/ 		0
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=rl&dsReferer=aHR0cDovL2RvY3RvcnVsdGF1b25saW5lLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nf-request-id
01FV78VRFKRKY4V1ENZ9MVTSGV
date
Mon, 07 Mar 2022 12:17:12 GMT
cf-cache-status
HIT
age
2487628
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e834447ef7a744b-LHR
likebox.php
www.facebook.com/plugins/ Frame AD7B 		102 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae8feddc096742714ba1cfca690abddc38e78aa78da89f584982c9ab8bc44db4
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
iiOhxx2vVzd3GrNEPz2UpTvqaqnWjCrkz38ZICPq8SMdKqmsk1GwgmOnxSaoxrkQOeeNwBS+q01ABsyJ1/k13w==
date
Mon, 07 Mar 2022 12:17:13 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tiefontello.woff
doctorultauonline.com/wp-content/themes/jarida_copy/fonts/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://doctorultauonline.com/wp-content/themes/jarida_copy/fonts/tiefontello.woff
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/wp-content/themes/jarida_copy/style.css
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
2f7278cc9f52fbafcb479c7c60c14d119a396c6b2b2c0a968f637a1562f69efa

Request headers

Referer
http://doctorultauonline.com/wp-content/themes/jarida_copy/style.css
Origin
http://doctorultauonline.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:12 GMT
last-modified
Tue, 18 Dec 2018 22:13:56 GMT
server
LiteSpeed
content-type
x-font/woff
cache-control
public, max-age=0
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
17876
expires
max-age=A10368000, public
273205070_486437009526846_1250756291696211703_n-300x195.jpg
doctorultauonline.com/wp-content/uploads/2022/02/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2022/02/273205070_486437009526846_1250756291696211703_n-300x195.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
876f928ae46de8df04f518cd3ebd3f1040ed340377a4c1bcaf8e27e61ce06c61

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
last-modified
Thu, 03 Feb 2022 11:18:24 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
13157
expires
max-age=A10368000, public
2-70x70.jpg
doctorultauonline.com/wp-content/uploads/2021/12/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2021/12/2-70x70.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
e4242947cf71f109899f2746dc08dc71e7181188b6466229675b982fa0d6531b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
last-modified
Thu, 30 Dec 2021 08:42:21 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
2187
expires
max-age=A10368000, public
papadia-e1521461915926-70x70.jpg
doctorultauonline.com/wp-content/uploads/2021/12/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2021/12/papadia-e1521461915926-70x70.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
230959e5505235ebf0473029b87213f3a2f230ef2ddbd93119812ea6fc684ce7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
last-modified
Wed, 29 Dec 2021 11:01:01 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
2507
expires
max-age=A10368000, public
LEPARISIEN-estelle-1120-300x171.jpg
doctorultauonline.com/wp-content/uploads/2020/04/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2020/04/LEPARISIEN-estelle-1120-300x171.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
437a4ac54e038184aacac4132353ef6a31dc587d3327b0f4a434dac027ac93cb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
download-4-2-212x300.png
doctorultauonline.com/wp-content/uploads/2020/04/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2020/04/download-4-2-212x300.png
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
238f70532a38f385fe8c59fe2d14008a04b3aa437ef085f1b0a7e272c1de10c4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:14 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
20-300x160.jpg
doctorultauonline.com/wp-content/uploads/2019/12/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2019/12/20-300x160.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
437a4ac54e038184aacac4132353ef6a31dc587d3327b0f4a434dac027ac93cb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:14 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
54-8-300x160.jpg
doctorultauonline.com/wp-content/uploads/2019/11/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2019/11/54-8-300x160.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
45f4dc41822340da6d0c7aaff958988ef33903294b718e3be38f820fd7e2c1ad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:15 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
38-252x300.png
doctorultauonline.com/wp-content/uploads/2020/03/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2020/03/38-252x300.png
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
45f4dc41822340da6d0c7aaff958988ef33903294b718e3be38f820fd7e2c1ad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:16 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
35-3-279x300.jpg
doctorultauonline.com/wp-content/uploads/2020/01/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2020/01/35-3-279x300.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
45f4dc41822340da6d0c7aaff958988ef33903294b718e3be38f820fd7e2c1ad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:15 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
37-218x150.jpeg
doctorultauonline.com/wp-content/uploads/2020/01/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2020/01/37-218x150.jpeg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
238f70532a38f385fe8c59fe2d14008a04b3aa437ef085f1b0a7e272c1de10c4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:15 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
30-300x169.jpg
doctorultauonline.com/wp-content/uploads/2020/01/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2020/01/30-300x169.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
45f4dc41822340da6d0c7aaff958988ef33903294b718e3be38f820fd7e2c1ad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:17 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
1-4-300x160.png
doctorultauonline.com/wp-content/uploads/2020/09/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2020/09/1-4-300x160.png
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
4a1e04bd81415251acdb6988ee5cc0f635d71afcf2d9b0b8c2980a73f79fd875

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:15 GMT
last-modified
Fri, 18 Sep 2020 17:43:31 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
57452
expires
max-age=A10368000, public
14-4-300x166.jpg
doctorultauonline.com/wp-content/uploads/2020/04/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2020/04/14-4-300x166.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
45f4dc41822340da6d0c7aaff958988ef33903294b718e3be38f820fd7e2c1ad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:16 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
8-13-212x300.jpg
doctorultauonline.com/wp-content/uploads/2020/02/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2020/02/8-13-212x300.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
45f4dc41822340da6d0c7aaff958988ef33903294b718e3be38f820fd7e2c1ad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:16 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
dieta-cinci-300x200-1.jpg
doctorultauonline.com/wp-content/uploads/2020/02/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2020/02/dieta-cinci-300x200-1.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
45f4dc41822340da6d0c7aaff958988ef33903294b718e3be38f820fd7e2c1ad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:17 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
dieta-cu-lamai-300x192.jpg
doctorultauonline.com/wp-content/uploads/2020/02/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2020/02/dieta-cu-lamai-300x192.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
45f4dc41822340da6d0c7aaff958988ef33903294b718e3be38f820fd7e2c1ad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:17 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
safe_image-19-2-300x157.jpg
doctorultauonline.com/wp-content/uploads/2020/02/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2020/02/safe_image-19-2-300x157.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
45f4dc41822340da6d0c7aaff958988ef33903294b718e3be38f820fd7e2c1ad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:18 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
iaurt-cu-patrunjel-300x204.jpg
doctorultauonline.com/wp-content/uploads/2020/02/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2020/02/iaurt-cu-patrunjel-300x204.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
45f4dc41822340da6d0c7aaff958988ef33903294b718e3be38f820fd7e2c1ad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:18 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
10-244x300.jpg
doctorultauonline.com/wp-content/uploads/2020/01/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2020/01/10-244x300.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
45f4dc41822340da6d0c7aaff958988ef33903294b718e3be38f820fd7e2c1ad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:19 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
26-10-300x160.jpg
doctorultauonline.com/wp-content/uploads/2019/11/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2019/11/26-10-300x160.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
af2f9dd3afab13e429d86ec1b74472ea28cdc900bee013005270218d5b2a11f4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:19 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
59-3-300x160.jpg
doctorultauonline.com/wp-content/uploads/2019/11/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2019/11/59-3-300x160.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
45f4dc41822340da6d0c7aaff958988ef33903294b718e3be38f820fd7e2c1ad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:20 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
ghimbir-lamaie-300x160.jpg
doctorultauonline.com/wp-content/uploads/2019/11/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2019/11/ghimbir-lamaie-300x160.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
45f4dc41822340da6d0c7aaff958988ef33903294b718e3be38f820fd7e2c1ad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:18 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
73504702_922085664858332_3371635321195200512_n-300x160.jpg
doctorultauonline.com/wp-content/uploads/2019/11/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2019/11/73504702_922085664858332_3371635321195200512_n-300x160.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
45f4dc41822340da6d0c7aaff958988ef33903294b718e3be38f820fd7e2c1ad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:19 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
Connection
Keep-Alive
link
<https://doctorultauonline.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
expires
Wed, 11 Jan 1984 05:00:00 GMT
2-300x160.jpg
doctorultauonline.com/wp-content/uploads/2021/12/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2021/12/2-300x160.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
25020b17ed0266291a2268a1a4cdfb6c06ef39f2b43bb9a867acda3a0b4487be

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:18 GMT
last-modified
Thu, 30 Dec 2021 08:42:21 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
10294
expires
max-age=A10368000, public
papadia-e1521461915926-300x160.jpg
doctorultauonline.com/wp-content/uploads/2021/12/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doctorultauonline.com/wp-content/uploads/2021/12/papadia-e1521461915926-300x160.jpg
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
HTTP/1.1
Server
176.126.202.101 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
extreme01.octosquid.com
Software
LiteSpeed /
Resource Hash
af89f3bf746883ab0f67f73f94042d53b6d10000411e568c3c3a98a4766ecc86

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:18 GMT
last-modified
Wed, 29 Dec 2021 11:01:01 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=10368000
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
13916
expires
max-age=A10368000, public
doctorultauonline.com_728x90_sticky_display_top
api.demand.supply/v14-0-0/a/ 		292 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/doctorultauonline.com_728x90_sticky_display_top?&dsReferer=aHR0cDovL2RvY3RvcnVsdGF1b25saW5lLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae1dfa01aedc77a094ce8ff298609c61ec0ad51399d6bf37364a1a4340ad29a3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
etag
W/"124-JaapyhqWk/29fPPfQOKpmGfIUAo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6e834448fc3875a9-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1461
etag
W/"0e269028feac530d16f00d8dad8ece74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6e834448da630716-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 10 Mar 2022 12:17:13 GMT
cookie.js
partner.googleadservices.com/gampad/ 		225 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=doctorultauonline.com&callback=_gfp_s_&client=ca-pub-7763921180411490
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7763921180411490&plah=doctorultauonline.com&bust=31065414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
115e52a557896ed73c32356fed0d5054fc0555bfe29abdc81e04a8374ce32a3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
210
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=doctorultauonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7763921180411490&plah=doctorultauonline.com&bust=31065414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=doctorultauonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7763921180411490&plah=doctorultauonline.com&bust=31065414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fdoctorultauonline.com%2F&tn=DIV&cls=background-cover&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A14F 		241 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7763921180411490&output=html&adk=1812271804&adf=3025194257&lmt=1646655433&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fdoctorultauonline.com%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&dt=1646655432791&bpp=5&bdt=773&idt=235&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6721682156034&frm=20&pv=2&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=1886255259&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=270
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7763921180411490&plah=doctorultauonline.com&bust=31065414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fa83da93da4d73f6b76fa2b992cd08e9333f3ec8e46c270fa503c077d17df8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 07 Mar 2022 12:17:13 GMT
server
cafe
content-length
63829
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Mar 2022 12:17:13 GMT
cache-control
private
widget_iframe.a58e82e150afc25eb5372dd55a98b778.html
platform.twitter.com/widgets/ Frame BD4F 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=http%3A%2F%2Fdoctorultauonline.com
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674D) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
305523
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 07 Mar 2022 12:17:13 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Wed, 16 Feb 2022 18:36:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/674D)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
e.js
live.demand.supply/x/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cDovL2RvY3RvcnVsdGF1b25saW5lLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nf-request-id
01FV78VRFKRKY4V1ENZ9MVTSGV
date
Mon, 07 Mar 2022 12:17:13 GMT
cf-cache-status
HIT
age
2487629
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e834448c915744b-LHR
e.js
live.demand.supply/x/ 		0
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=um&dsReferer=aHR0cDovL2RvY3RvcnVsdGF1b25saW5lLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nf-request-id
01FV78VRFKRKY4V1ENZ9MVTSGV
date
Mon, 07 Mar 2022 12:17:13 GMT
cf-cache-status
HIT
age
2487629
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e834448d916744b-LHR
e.js
live.demand.supply/x/ 		0
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=od&pp=BODY&dsReferer=aHR0cDovL2RvY3RvcnVsdGF1b25saW5lLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nf-request-id
01FV78VRFKRKY4V1ENZ9MVTSGV
date
Mon, 07 Mar 2022 12:17:13 GMT
cf-cache-status
HIT
age
2487629
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e834448d918744b-LHR
ads
googleads.g.doubleclick.net/pagead/ Frame B0C8 		83 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7763921180411490&output=html&h=600&slotname=7762346353&adk=3311768508&adf=4279029712&pi=t.ma~as.7762346353&w=300&lmt=1646655433&psa=0&format=300x600&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655432889&bpp=3&bdt=871&idt=194&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6721682156034&frm=20&pv=1&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1080&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=1886255259&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pbwyfvdKBe&p=http%3A//doctorultauonline.com&dtd=205
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7763921180411490&plah=doctorultauonline.com&bust=31065414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a1e6a2227bf36f7cabc29b15021e00c48cff06104f30d403e14df7465f2c6bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 07 Mar 2022 12:17:13 GMT
server
cafe
content-length
29824
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Mar 2022 12:17:13 GMT
cache-control
private
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2
fonts.gstatic.com/s/oswald/v47/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/oswald/v47/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Oswald%3Aregular%2C700
Protocol
HTTP/1.1
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
382cbcd13c1f3aa9bf8cd7a81d6256267aaf7b8d0e3950bab0933e9a494ea28a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://doctorultauonline.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 18:54:14 GMT
X-Content-Type-Options
nosniff
Age
235379
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
14176
X-XSS-Protection
0
Last-Modified
Thu, 24 Feb 2022 18:27:11 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 04 Mar 2023 18:54:14 GMT
doctorultauonline.com_728x90_sticky_display_bottom_stickydesktop001
api.demand.supply/v14-0-0/a/ 		2 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/doctorultauonline.com_728x90_sticky_display_bottom_stickydesktop001?&dsReferer=aHR0cDovL2RvY3RvcnVsdGF1b25saW5lLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
cf-cache-status
HIT
server
cloudflare
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
accept-ranges
bytes
cf-ray
6e8344493ca075a9-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=G-2TVEG2Y6KG&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/js?id=G-2TVEG2Y6KG&l=dataLayer&cx=c
149 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2TVEG2Y6KG&l=dataLayer&cx=c
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H3
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f775b5dcc506b99d7511d439d206d1c8c7f562e28dfdf2fe5aff7fa8d91268c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56931
x-xss-protection
0
expires
Mon, 07 Mar 2022 12:17:13 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=G-2TVEG2Y6KG&l=dataLayer&cx=c
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=615369284&t=pageview&_s=1&dl=http%3A%2F%2Fdoctorultauonline.com%2F&ul=en-us&de=UTF-8&dt=doctorultauonline.com%20-%20Mananci%20sanatos%2C%20traiesti%20bine%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=178944088&gjid=1514186957&cid=1818786035.1646655433&tid=UA-109657542-1&_gid=1046881388.1646655433&_r=1&_slc=1&z=61814785
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://doctorultauonline.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://doctorultauonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=615369284&t=event&_s=2&dl=http%3A%2F%2Fdoctorultauonline.com%2F&ul=en-us&de=UTF-8&dt=doctorultauonline.com%20-%20Mananci%20sanatos%2C%20traiesti%20bine%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Online&ea=SanatateMinutCuMinut&el=Facebook&_u=IAhAAEABAAAAAC~&jid=&gjid=&cid=1818786035.1646655433&tid=UA-109657542-1&_gid=1046881388.1646655433&z=253789999
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 11:13:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3849
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022030101.js
securepubads.g.doubleclick.net/gpt/ 		365 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
0bc44ea79e71bea23b78759ad6113a2106a0708b2db4988b73f47f3aa10f78fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124868
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 09:35:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 07 Mar 2023 12:13:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		111 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=doctorultauonline.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
285a7d9cb46201ac73d3edcc2565eba6660b152b1abaf9806739c26f7d82eaac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96
x-xss-protection
0
expires
Mon, 07 Mar 2022 12:17:13 GMT
sdb.css
live.demand.supply/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/css/sdb.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nf-request-id
01FN0J18J3PBRSCV8HHF6ZFMWF
date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
1050955
etag
W/"9bafda7cf8dec16f272df141e953a55a-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
6e83444a0a5a71e1-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e.js
live.demand.supply/x/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=bb&r=doctorultauonline.com_728x90_sticky_display_top&dsReferer=aHR0cDovL2RvY3RvcnVsdGF1b25saW5lLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nf-request-id
01FV78VRFKRKY4V1ENZ9MVTSGV
date
Mon, 07 Mar 2022 12:17:13 GMT
cf-cache-status
HIT
age
2487629
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e83444a0ade744b-LHR
ads
googleads.g.doubleclick.net/pagead/ Frame 8FBB 		61 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=2c94045f-bb3a-49b9-b97d-a07d1fee46ba&adk=1004640193&adf=1248439354&pi=t.ma~as.2c94045f-bb3a-49b9-_&w=728&lmt=1646655433&psa=0&format=728x90&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655433263&bpp=2&bdt=1245&idt=2&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6721682156034&frm=20&pv=2&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=375984350&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=e7uIalTgAo&p=http%3A//doctorultauonline.com&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7763921180411490&plah=doctorultauonline.com&bust=31065414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b690d1ea16161a5ee6e489a6964b4bb824399bed9b372d3ebc209f5ddd1bdfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 07 Mar 2022 12:17:13 GMT
server
cafe
content-length
23858
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Mar 2022 12:17:13 GMT
cache-control
private
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2TVEG2Y6KG&gtm=2oe320&_p=615369284&_z=ccd.B&gdid=dZTNiMT&cid=1818786035.1646655433&ul=en-us&sr=1600x1200&_s=1&sid=1646655433&sct=1&seg=0&dl=http%3A%2F%2Fdoctorultauonline.com%2F&dt=doctorultauonline.com%20-%20Mananci%20sanatos%2C%20traiesti%20bine%20!&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2TVEG2Y6KG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://doctorultauonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=615369284&t=pageview&_s=1&dl=http%3A%2F%2Fdoctorultauonline.com%2F&ul=en-us&de=UTF-8&dt=doctorultauonline.com%20-%20Mananci%20sanatos%2C%20traiesti%20bine%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAjAAUABAAAAAC~&jid=1735203742&gjid=98159354&cid=1818786035.1646655433&tid=UA-109657542-1&_gid=1046881388.1646655433&_r=1&gtm=2ou320&did=dZTNiMT&gdid=dZTNiMT&z=2076486595
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://doctorultauonline.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://doctorultauonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=615369284&t=pageview&_s=2&dl=http%3A%2F%2Fdoctorultauonline.com%2F&ul=en-us&de=UTF-8&dt=doctorultauonline.com%20-%20Mananci%20sanatos%2C%20traiesti%20bine%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAjAAUABAAAAAC~&jid=&gjid=&cid=1818786035.1646655433&tid=UA-109657542-1&_gid=1046881388.1646655433&gtm=2ou320&did=dZTNiMT&gdid=dZTNiMT&z=752561563
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 11:13:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3849
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
web
onesignal.com/api/v1/sync/cc2295e2-fb6c-4cf0-97e1-a0b7ac5ad0f0/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/cc2295e2-fb6c-4cf0-97e1-a0b7ac5ad0f0/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
559889bf26f6361c88e34a7c2f860cf7083643a953d136e9b9ccd5dfc5e4fbec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2779
cf-polished
origSize=3340
status
200 OK
x-envoy-upstream-service-time
82
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
32135dde-c039-44ce-9047-fea9dfbf7c6d
x-runtime
0.080564
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"f0f33a3a6c35bc99e86a4d4a49450458"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6e83444a4afa7531-LHR
access-control-allow-headers
SDK-Version
expires
Mon, 07 Mar 2022 13:17:13 GMT
e.js
live.demand.supply/e/ 		0
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=d&sc=doctorultauonline.com_728x90_sticky_display_bottom_stickydesktop001&err=Cannot%20convert%20undefined%20or%20null%20to%20object&e=as&dsReferer=aHR0cDovL2RvY3RvcnVsdGF1b25saW5lLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nf-request-id
01FV78VRFNHTBMHCRDZE13EVE4
date
Mon, 07 Mar 2022 12:17:13 GMT
cf-cache-status
HIT
age
2487644
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e83444a5b7d744b-LHR
d4poLovM4MO.css
static.xx.fbcdn.net/rsrc.php/v3/yY/l/0,cross/ Frame AD7B 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/l/0,cross/d4poLovM4MO.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8231fb60491493f4b2999bccb07fbf4c3dcb5083e802d40473d0b6094967e08a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
YwFHDyDxqzXQBvcIRMHu/g==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5578
x-fb-rlafr
0
x-fb-debug
zC3E4CRhGoa5Q+iYQ6CnHUd0SnOUBp2Hx0dcGRYOLt+PRowZ2nJGEV26lB/IJpshUO4hjpU0xPdSjpIiLJbKdQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 06 Mar 2023 16:44:10 GMT
FPdNN1TK3wJ.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ Frame AD7B 		2 KB
1005 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/FPdNN1TK3wJ.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qki4Wy05mlz5CwH9oqDKag==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
815
x-fb-rlafr
0
x-fb-debug
0rShyjuTIh/WMmfRlt23DR6rN1FiaCp1ivP2c2S3PoOy03UiDLmd2Hw9QjIC7Xa+qBlopqnoVbaqqt9RZ1bvlg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 24 Feb 2023 08:36:58 GMT
alnsqgG7wjA.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/ Frame AD7B 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/alnsqgG7wjA.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7da751818ec7dab1a67a8e4faacf5f2b9ee4fa03f1910d6d5d745fa51dbffffb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
U4O8+Y3d344pxT29mn/byQ==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4971
x-fb-rlafr
0
x-fb-debug
1x6zzdfA8Ji45gaZZtpGxazFuG6MlLwQM2vOF7eVcwUfaZ2zIfLdNqtOlh2Q2C5UCBVBOQc9ifzLvLt1Mi1nyg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 01 Mar 2023 17:18:25 GMT
L70R13fLoZE.css
static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/ Frame AD7B 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/L70R13fLoZE.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9ed237e09d077e8b6487615976683a5cdf2f79fa4a4c83462b41ddd6256c6cf9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
+j7xv1pqUo8FpjU1Ol74QQ==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5346
x-fb-rlafr
0
x-fb-debug
GMNwuv4QqW7DX/iWZ1pAx0ZlmyI41YPIpgASMYSEg3+oI8srYwECUiaI3RrA/vik3xj6cuJ2WpJ3YN8djSIzaA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 02 Mar 2023 17:23:44 GMT
YhCBOLs0G8W.js
static.xx.fbcdn.net/rsrc.php/v3/yP/r/ Frame AD7B 		307 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/YhCBOLs0G8W.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cebc0b7e3c9904af6f553ef5e9f2a86b29091ade9aa57001ff90febb82a7b95b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
sAzbJnwBdy7PcinKiS3bxA==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
84390
x-fb-rlafr
0
x-fb-debug
JqCi2BtxEW7tkiYlpmv3vGm2eVmP+Eqo0NyLUkeG2OSdXTjzJLUeHxStJbBse0aUSUHFI6GuNV+A7Qx5lNgl7g==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 Mar 2023 20:23:23 GMT
myoIkmjPRiz.js
static.xx.fbcdn.net/rsrc.php/v3/yA/r/ Frame AD7B 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/myoIkmjPRiz.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa691b778a78ba4cad31dddd9aa4a11eba60175605a33a6d76087b4748d1b65e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
pTxNXFuXowZm4giCjOAUIA==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
13686
x-fb-rlafr
0
x-fb-debug
LZaap5FF2ZCh+aeHN+Ga1CuvaSWXWoyEXwEHK65OHetHEjMHB7cinHYk0UZNwYt6Ggyv+nOGNM3kV2gp5tV++A==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 07 Mar 2023 07:36:15 GMT
qjFyB0Plp1h.js
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame AD7B 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/qjFyB0Plp1h.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2ac73d30ed0505960ae615cdda90ca4e9c0c2a3ba6b19ec4ee6dc9a32c2951f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ab1EwkNz5p5aq1xNmqq87g==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
15260
x-fb-rlafr
0
x-fb-debug
/QuS4IKOmgVHH1h1f2BuuuhgrjhYes+2KeBwjrotOqddUR1hIqxCa+amW42qYPwMM3R6oR7+UDFVKMLqGj39Hw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 04 Mar 2023 19:09:43 GMT
x9ZrO_yAkJs.js
static.xx.fbcdn.net/rsrc.php/v3i7244/y9/l/en_GB/ Frame AD7B 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i7244/y9/l/en_GB/x9ZrO_yAkJs.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e393ea04e46d228a4038bf0217757eda47c80a4d9402e9789bc59625542a99bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
UbVy88onjaJqkj9uv0zA9A==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
22910
x-fb-rlafr
0
x-fb-debug
SQKDKBuAUN+ptltE8JXdquWwt8oqEpM49DmtAhPsFE9EF5BwMsPc/REjgTYxwR2W67jSVHnTBaT3Yr3UDGWXyg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 04 Mar 2023 21:20:58 GMT
GG1Y0sYc7My.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame AD7B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
de934a085817710cb3bbd98d33e5b0c91709425d89eada2a2c55909c8b3443de
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
yJ9Wq2491L53MWugs2kUlg==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1642
x-fb-rlafr
0
x-fb-debug
9qSEz4hQltqE86mWOJeuwBy698HSZ6pzM9TwONx/oOxwAwzqURHYIDLi7flptKYJ/QFwfX4M5Kidm0w9/iwlzQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 04 Mar 2023 22:58:43 GMT
0AuFoai-buI.js
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame AD7B 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/0AuFoai-buI.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b153dfa4c7ea65c85d9a890279af985e41200b43540685ea411b561a104f4e28
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Ev3VnSiojydD73SMbd/mvw==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
9055
x-fb-rlafr
0
x-fb-debug
eU6ixVW8vgW1NpXI+vKuTe/lDTmjYhfyQT9v5iSEkMCj9bhHwe2ZcuhRwvlCBuDnk8hdOQtlqUurl6v9C3p+OQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 06 Mar 2023 16:43:36 GMT
Q2N4MtG5RyI.js
static.xx.fbcdn.net/rsrc.php/v3iLl54/yN/l/en_GB/ Frame AD7B 		192 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yN/l/en_GB/Q2N4MtG5RyI.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
18ddd676ded85f867b718a83b1027949bd7c9cbd06861d68c1b261948a995206
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
lYkRuuIN2zqDe8+L6xuF6Q==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
56681
x-fb-rlafr
0
x-fb-debug
EXBaTWadBLH0JmezG8KcLTFrc9hAJvFo7/8/hIVjpNFchfGRj6MLdRpKYvg9AwwCaUlyQDGH42VODGWERPGCJQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 03 Mar 2023 15:32:15 GMT
BLoWEIphFwp.js
static.xx.fbcdn.net/rsrc.php/v3itLE4/y0/l/en_GB/ Frame AD7B 		332 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3itLE4/y0/l/en_GB/BLoWEIphFwp.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cfdc815884202a74f80463b3ff3bbd680c19c9720e5aad149ffd096c599b020
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
y0aRol74/gsJTiIXGziRyQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
80717
x-fb-rlafr
0
x-fb-debug
yaqDhSKY4l3zNgdfjVDUUlidkdMAsV54Ce4x8WYNB3Clx+my1loYjutHcuk4JY7aPZnQdEGxNVhYXVLF77dKoA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 03 Mar 2023 19:39:59 GMT
yIJmnsyl430.js
static.xx.fbcdn.net/rsrc.php/v3/yj/r/ Frame AD7B 		71 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/yIJmnsyl430.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a504a40b594a18f9b69c8e870b4616b0dab24ddfface0ae93849a2f084a4afe8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QX6le5lzik48BUi9kPlsZA==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
19245
x-fb-rlafr
0
x-fb-debug
NWBw+gs1MGd19/4jDSIhMIDcg4WeyrWNgMUSlwGZz5d+13LjrM1o6ux/kcb4TKQ39NVP9UeH5HQxHCi94VQ+aQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 04 Mar 2023 04:36:00 GMT
vKmdD6ZjaJG.js
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ Frame AD7B 		115 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yJ/r/vKmdD6ZjaJG.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9a90950a6e18059dfdf471afde3538978738cbb2a02752608febcad12d91e30a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qf8OihyKghtDnwUT9MAeWQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
30713
x-fb-rlafr
0
x-fb-debug
xGzt6r2e9Kkkx4fIuud/vF0yq2EFxuKG6ynfNutB/saiLjHRpvrJcBUz8dWsEdC8ASpl8hm/8SUvRC21ikzPTg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 01 Mar 2023 22:41:51 GMT
yeQZXSTDvJt.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame AD7B 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/yeQZXSTDvJt.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
187b1229260f74dd99647dfc63ac62c49f944ff853ea8510c039297375986dde
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
LKXe3WcZrxSgD9k8vaKhdA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7009
x-fb-rlafr
0
x-fb-debug
B4IjCF0KigoLUVEWxEVA2rRxHo4MsEZnzG9B2+etV/N7nJIEgHJ9NJJQydvRDTu2FLB9ObTKAU6gMiI7//Nezg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 25 Feb 2023 05:25:57 GMT
ZH5iXlt1TyQ.js
static.xx.fbcdn.net/rsrc.php/v3iCwx4/yk/l/en_GB/ Frame AD7B 		97 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iCwx4/yk/l/en_GB/ZH5iXlt1TyQ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a8cfdaf827b44c18fd53a8625cfe0f85f7e498a2af0757fbd9c7b78018706ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
MbL3Hk1YOIpYlAD0S63Yng==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
25849
x-fb-rlafr
0
x-fb-debug
wArVX0ykuQUM7ducPTsjHLImAyfMdv2xg1JDpYlV+fAS/eF3g7Jb3x6mNtqflFGWROZ41DweawDlt7FERuhLUg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 28 Feb 2023 22:52:37 GMT
DTyQwwM0rvN.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame AD7B 		202 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/DTyQwwM0rvN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bd720c3330f9e1e856f0312d423377f9fd3cef9c81b1ee1edb80ed7fcfaae849
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
G751WzV77yDr4p6kzF9irQ==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
46537
x-fb-rlafr
0
x-fb-debug
N/7FNWxttan8sr+wLTIXiMh7YwX0g3vOuA1RTcK8gudNHug7fGmRGji7ldYiKRS37rS13+X+ppwAeg2f4Tl4eA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 05 Mar 2023 16:17:25 GMT
5WhQzfNYKD0.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame AD7B 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/5WhQzfNYKD0.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cde6f51b005e56d4272454994e4d3af5c9e53d4460915e3f023cdf56c5cf1906
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4xqTNqyjUHVFWirvlagKag==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7265
x-fb-rlafr
0
x-fb-debug
wQ4+pxSN8j506icrbC+m7hQ8AERFOJiXcN43/R/d13jkWHd4f9L9Dotcj3YrlLyf4iyXq2gCMJu2R1S91yftGA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 06 Mar 2023 16:45:45 GMT
-1uUw3DFEUD.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame AD7B 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/-1uUw3DFEUD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27eff2c7771d0dadc59966e09a51780633f7d288bf9bdf7e90b8e3d04a4af25a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ri1INJFjOC0NVrcSx4UzKw==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
10591
x-fb-rlafr
0
x-fb-debug
qq+U3uPh2vmqk7DcrEnjqQafRY1J8c3WyKaE4ML0zt51Unufqdm0VuKniKJkmugsKtnWL24GQgn5F1DZgmKESg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 05 Mar 2023 16:17:25 GMT
OEzWURzmeJ6.js
static.xx.fbcdn.net/rsrc.php/v3/yb/r/ Frame AD7B 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/OEzWURzmeJ6.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ded2314e5aa07d9f2724d2620a5fd91073b7d572b03ab850d8537c5b63d487b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
DoSrvT9aiS75A92apeECYw==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4380
x-fb-rlafr
0
x-fb-debug
eGEWlb+oOVbH875eUuissXvpUaEo+4kZyLE7rNuEOdqXyn98AhjlGNnWPSvyrUAQEHpO23iOPXixtYJytXUakg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 05 Mar 2023 16:17:25 GMT
-UiReSjdfva.js
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame AD7B 		961 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/-UiReSjdfva.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
373e3dbd7a49fd0a46f537465c65ec3e9a4d7cdc880fce10e5af46de6c9e461b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Z1nm/ainhg3auhy1wuMlnw==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
417
x-fb-rlafr
0
x-fb-debug
PZlpismJGpxcZFNNlggD0Naz48e8fPSaXDWQ16OwHMLw46XkLl1TZsCJ6fhWh2BBpDO49WwMrL/ssvgXLFxvyQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 23 Feb 2023 18:52:57 GMT
44023974_468249166998004_4505753600714080256_n.png
scontent.xx.fbcdn.net/v/t1.6435-9/ Frame AD7B 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t1.6435-9/44023974_468249166998004_4505753600714080256_n.png?stp=dst-png_p130x130&_nc_cat=108&ccb=1-5&_nc_sid=dd9801&_nc_ohc=rry9pR24kQ4AX9UDfrv&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AT-gjEhVtpRBTHaXvBmHzLv1a5iwTg2r_Q8oFbxc-2rZ6A&oe=624C690A
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e0470151eba613aa49b7cc0ae8b8d51851e70d4c7eb88cbe673cc75e84459a67

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum
3931012181
date
Mon, 07 Mar 2022 12:17:13 GMT
x-fb-trip-id
917726464
last-modified
Sun, 14 Oct 2018 19:57:32 GMT
content-type
image/png
access-control-allow-origin
*
content-digest
adler32=2030979238
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
8JcA-ZAsKzFsUB3vs-tLc5lYYfKGcqzbIUvTb_Y-aIYkA8XvTf2AsCXN5Ngf7AAJ-jWF0kORNKGi4v9Gc6o6Zw
cross-origin-resource-policy
cross-origin
x-needle-checksum
2551189664
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85667
44041593_468252336997687_4933346470096011264_n.jpg
scontent.xx.fbcdn.net/v/t1.6435-1/ Frame AD7B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t1.6435-1/44041593_468252336997687_4933346470096011264_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=107&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=1mkNpQZA0PoAX-8RgrQ&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AT8ju8EtOGrFGqkr14T49D56eeHso5lX6RG9KGmQzd0_HA&oe=624A2075
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
72ed02b56bfe9d71a7e8f5dc7d5a8807283f54649dc07e82a231d0af915097eb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum
220862205
date
Mon, 07 Mar 2022 12:17:13 GMT
x-fb-trip-id
917726464
last-modified
Sun, 14 Oct 2018 20:11:23 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1181589752
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
qNtt-l7qnmKyUAZLcIdMUQz42I6A637tmBdjfko6OODHPNA_b1Ezv_sGjpIWjPJAPYWDIDpouDbU0rJ83iH1SA
cross-origin-resource-policy
cross-origin
x-needle-checksum
2194845702
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1881
settings
syndication.twitter.com/ Frame BD4F 		232 B
448 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=1c7e02916f4183fbe645061b1aa5685dc63f5ac1
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=http%3A%2F%2Fdoctorultauonline.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
104
date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 12:17:13 GMT
server
tsa_f
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
e8b46c612171337784087dc4617f85c4111367c3ebc7bc35c48920fc684d2e9f
content-length
166
doctorultauonline.com.1268367.es6.js
jsc.mgid.com/d/o/ 		243 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/d/o/doctorultauonline.com.1268367.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/o/doctorultauonline.com.1268367.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a0bd6dfb65ff96d96b7b94ef7beec5b2d38219b0b658577876439d4e65e6df1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
YRNE52XD096H78XX
last-modified
Thu, 03 Mar 2022 14:27:52 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
vYYTWxBbtOBmwhWQlm9tFIW2eYUQpeMRswNUHq4ynyESeMKJwNRfo9Z+IzveSi1bTbfxs48uavM=
cf-bgj
minify
server
cloudflare
etag
W/"ed4001cd97539f1410a4053a918f4dc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6e83444bbead8868-LHR
expires
Mon, 07 Mar 2022 15:17:14 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=doctorultauonline.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=doctorultauonline.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		951 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2664612777864818&correlator=1658120968223037&eid=31065288%2C31065497%2C31064018&output=ldjh&gdfp_req=1&vrg=2022030101&ptt=17&impl=fif&sc=0&sfv=1-0-38&ecs=20220307&iu_parts=44890869%2Cca-pub-3831894559014614-tag%2C3a6a00d1-b7b1-42df-8427-80a282effa31&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ti%3D92ce9dcc-64ac-4fbb-9475-05c73e0a6256%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D97&eri=1&cookie=ID%3Da260d62d81562864-229ca3dc55cd0064%3AT%3D1646655433%3ART%3D1646655433%3AS%3DALNI_MYXqghbYef-Zg6picHIGv3dxHp_Cw&abxe=1&dt=1646655433550&lmt=1646655433&dlt=1646655432018&idt=1506&biw=1600&bih=1200&oid=2&ucis=1&adks=2954097649&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&bc=23&url=http%3A%2F%2Fdoctorultauonline.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=true&ga_cid=1046881388.1646655433&btvi=-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
b87b497bf46699df860b7cc1283b264ef5326a6c684d29607421eab5878054c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
531
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://doctorultauonline.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
33006ed7b42f1d454ddcec9cdd52e250.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6095 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://33006ed7b42f1d454ddcec9cdd52e250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 07 Mar 2022 12:17:13 GMT
expires
Tue, 07 Mar 2023 12:17:13 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2022030101.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022030101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
288ac35b2088c2fa8d930b09d606eac7904e37016417f56555fba08704f61987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 00:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475638
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13442
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 09:35:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Mar 2023 00:09:55 GMT
e.js
live.demand.supply/e/ 		0
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=doctorultauonline.com_auto_interstitial_desktop&e=nai&dsReferer=aHR0cDovL2RvY3RvcnVsdGF1b25saW5lLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nf-request-id
01FV78VRFNHTBMHCRDZE13EVE4
date
Mon, 07 Mar 2022 12:17:13 GMT
cf-cache-status
HIT
age
2487644
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e83444c8f08744b-LHR
ads
securepubads.g.doubleclick.net/gampad/ 		941 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2664612777864818&correlator=110898705072377&eid=31065288%2C31065497%2C31064018&output=ldjh&gdfp_req=1&vrg=2022030101&ptt=17&impl=fif&sc=0&sfv=1-0-38&ecs=20220307&iu_parts=44890869%2Cca-pub-3831894559014614-tag%2C5452609c-7330-40f3-8802-e54f85a8113a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ti%3D92ce9dcc-64ac-4fbb-9475-05c73e0a6256%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D97&eri=1&cookie=ID%3Da260d62d81562864-229ca3dc55cd0064%3AT%3D1646655433%3AS%3DALNI_MYXqghbYef-Zg6picHIGv3dxHp_Cw&abxe=1&dt=1646655433669&lmt=1646655433&dlt=1646655432018&idt=1506&biw=1600&bih=1200&oid=2&ucis=2&adks=709852625&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&bc=23&url=http%3A%2F%2Fdoctorultauonline.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=true&ga_cid=1046881388.1646655433&btvi=-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8fa655178e22a67517cc11894c9715bd5d7c8fa8f9c8550bcdcbf106e59c5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
532
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://doctorultauonline.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame B0C8 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7763921180411490&output=html&h=600&slotname=7762346353&adk=3311768508&adf=4279029712&pi=t.ma~as.7762346353&w=300&lmt=1646655433&psa=0&format=300x600&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655432889&bpp=3&bdt=871&idt=194&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6721682156034&frm=20&pv=1&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1080&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=1886255259&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pbwyfvdKBe&p=http%3A//doctorultauonline.com&dtd=205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 11:34:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 07 Mar 2022 12:17:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Mar 2022 12:17:13 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame B0C8 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7763921180411490&output=html&h=600&slotname=7762346353&adk=3311768508&adf=4279029712&pi=t.ma~as.7762346353&w=300&lmt=1646655433&psa=0&format=300x600&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655432889&bpp=3&bdt=871&idt=194&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6721682156034&frm=20&pv=1&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1080&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=1886255259&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pbwyfvdKBe&p=http%3A//doctorultauonline.com&dtd=205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 12:16:21 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B0C8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjHoLyfclYsThCtqK9u8Pvc6PmAKvno68Zs_798OGD8CNtwEQASDdu-5HYJUCoAG-65P9AsgBAakCsxfaMLo-sj6oAwHIA8sEqgTzAU_Q_BjW1YybJWMX-sE1U9VAarPKwtbQzbkIU-uKnNA6g43jPAkDqc3ZPzSyMEBqVoJhfXW3rabIKeEot5A1zSEeEFkNDhymj5rvFIdSej8tLn-oMnrPzdNwBMtRmhCjQx6grTeVC3og7AF6JyzsPPGQnOeobXXy_d53V9NVudyBm3Yj-qtBXGo6Qt7Gp9rt4vZmtlquKUNtJ71UpCYvtKWPPYadC4-awYmDPizOiSFjgEl0GEkwKTfS2sEoX1k7eIm4KcYtnwzqoLFCNx25OeslYQ2Kp0GSNjyPc8ABBSicSs2Hfi_nGxqtedE6t2T8-cTg3cAEtce8oNcDkgUECAQYAZIFBAgFGASgBi6AB6qU7IIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ6fgI0ggJCIDhgBAQARgfgAoByAsBuBOdJ9gTDYgUBNAVAYAXAbIXHAoaCAASFHB1Yi03NzYzOTIxMTgwNDExNDkwGAA&sigh=AfNgGwGjA0M&uach_m=[UACH]&template_id=5021
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7763921180411490&output=html&h=600&slotname=7762346353&adk=3311768508&adf=4279029712&pi=t.ma~as.7762346353&w=300&lmt=1646655433&psa=0&format=300x600&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655432889&bpp=3&bdt=871&idt=194&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6721682156034&frm=20&pv=1&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1080&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=1886255259&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pbwyfvdKBe&p=http%3A//doctorultauonline.com&dtd=205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7763921180411490&output=html&h=600&slotname=7762346353&adk=3311768508&adf=4279029712&pi=t.ma~as.7762346353&w=300&lmt=1646655433&psa=0&format=300x600&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655432889&bpp=3&bdt=871&idt=194&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6721682156034&frm=20&pv=1&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1080&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=1886255259&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pbwyfvdKBe&p=http%3A//doctorultauonline.com&dtd=205
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 07 Mar 2022 12:17:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 07 Mar 2022 12:17:13 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/3974295938494546615/ Frame B0C8 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3974295938494546615/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7763921180411490&output=html&h=600&slotname=7762346353&adk=3311768508&adf=4279029712&pi=t.ma~as.7762346353&w=300&lmt=1646655433&psa=0&format=300x600&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655432889&bpp=3&bdt=871&idt=194&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6721682156034&frm=20&pv=1&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1080&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=1886255259&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pbwyfvdKBe&p=http%3A//doctorultauonline.com&dtd=205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ec50f64921ad3f27786836b128eb33b1e434d0e40f347807777b9e021da15b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:16:04 GMT
x-content-type-options
nosniff
age
439269
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2341
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 16:36:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 02 Mar 2023 10:16:04 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/7327549930973412138/ Frame B0C8 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7327549930973412138/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7763921180411490&output=html&h=600&slotname=7762346353&adk=3311768508&adf=4279029712&pi=t.ma~as.7762346353&w=300&lmt=1646655433&psa=0&format=300x600&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655432889&bpp=3&bdt=871&idt=194&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6721682156034&frm=20&pv=1&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1080&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=1886255259&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pbwyfvdKBe&p=http%3A//doctorultauonline.com&dtd=205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83d8163b3bbf0cb7285b8aa4964248e1db6d3b0034d03c43243682b302e02b48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 10:55:53 GMT
x-content-type-options
nosniff
age
264080
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12124
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 16:10:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 04 Mar 2023 10:55:53 GMT
truncated
/ Frame B0C8 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f65c00227868dcd7e51e1869dc331302818971ab476f21b5ebc87feb83f1d0a5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B0C8 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/ Frame B0C8 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7763921180411490&output=html&h=600&slotname=7762346353&adk=3311768508&adf=4279029712&pi=t.ma~as.7762346353&w=300&lmt=1646655433&psa=0&format=300x600&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655432889&bpp=3&bdt=871&idt=194&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6721682156034&frm=20&pv=1&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1080&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=1886255259&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pbwyfvdKBe&p=http%3A//doctorultauonline.com&dtd=205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
421
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7872
x-xss-protection
0
server
cafe
etag
15461303091586157378
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 12:10:12 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame B0C8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7763921180411490&output=html&h=600&slotname=7762346353&adk=3311768508&adf=4279029712&pi=t.ma~as.7762346353&w=300&lmt=1646655433&psa=0&format=300x600&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655432889&bpp=3&bdt=871&idt=194&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6721682156034&frm=20&pv=1&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1080&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=1886255259&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pbwyfvdKBe&p=http%3A//doctorultauonline.com&dtd=205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
538
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 12:08:15 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame B0C8 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7763921180411490&output=html&h=600&slotname=7762346353&adk=3311768508&adf=4279029712&pi=t.ma~as.7762346353&w=300&lmt=1646655433&psa=0&format=300x600&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655432889&bpp=3&bdt=871&idt=194&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6721682156034&frm=20&pv=1&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1080&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=1886255259&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pbwyfvdKBe&p=http%3A//doctorultauonline.com&dtd=205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6417
x-xss-protection
0
server
cafe
etag
10598556267281433416
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 12:14:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B0C8 		124 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7763921180411490&output=html&h=600&slotname=7762346353&adk=3311768508&adf=4279029712&pi=t.ma~as.7762346353&w=300&lmt=1646655433&psa=0&format=300x600&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655432889&bpp=3&bdt=871&idt=194&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6721682156034&frm=20&pv=1&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1080&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=1886255259&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pbwyfvdKBe&p=http%3A//doctorultauonline.com&dtd=205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38860
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646224922100600"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 12:17:13 GMT
35849274faa25b88196bf3c3ff2d72d2.js
www.gstatic.com/mysidia/ Frame B0C8 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/35849274faa25b88196bf3c3ff2d72d2.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7763921180411490&output=html&h=600&slotname=7762346353&adk=3311768508&adf=4279029712&pi=t.ma~as.7762346353&w=300&lmt=1646655433&psa=0&format=300x600&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655432889&bpp=3&bdt=871&idt=194&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6721682156034&frm=20&pv=1&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1080&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=1886255259&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pbwyfvdKBe&p=http%3A//doctorultauonline.com&dtd=205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:13:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
353023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11831
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 10:04:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 01 Jun 2022 10:13:30 GMT
e.js
live.demand.supply/e/ 		0
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=doctorultauonline.com_auto_interstitial_desktop&e=nai&dsReferer=aHR0cDovL2RvY3RvcnVsdGF1b25saW5lLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nf-request-id
01FV78VRFNHTBMHCRDZE13EVE4
date
Mon, 07 Mar 2022 12:17:13 GMT
cf-cache-status
HIT
age
2487644
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e83444d3835744b-LHR
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=doctorultauonline.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=doctorultauonline.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		831 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2664612777864818&correlator=1347074411375920&eid=31065288%2C31065497%2C31064018&output=ldjh&gdfp_req=1&vrg=2022030101&ptt=17&impl=fif&sc=0&sfv=1-0-38&ecs=20220307&iu_parts=44890869%2Cca-pub-3831894559014614-tag%2Ca5f6f586-78c5-4d1f-9124-ec05a001b8bc&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ti%3D92ce9dcc-64ac-4fbb-9475-05c73e0a6256%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D97&eri=1&cookie=ID%3Da260d62d81562864%3AT%3D1646655433%3AS%3DALNI_MZTYmbG9hlW-pDdJCUlN9Qs7qSN3g&abxe=1&dt=1646655433781&lmt=1646655433&dlt=1646655432018&idt=1506&biw=1600&bih=1200&oid=2&ucis=3&adks=836654403&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&bc=23&url=http%3A%2F%2Fdoctorultauonline.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=true&ga_cid=1046881388.1646655433&btvi=-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
686503904e6c2457565ac125cd3e25ffaf0ae1b94e8feb569d6cd62a5d2ff9d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
435
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://doctorultauonline.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
SQZZiMWhOLh.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame AD7B 		767 B
820 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/SQZZiMWhOLh.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yY/l/0,cross/d4poLovM4MO.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
818ce38e548c8222a2d3d31e6739658683964f9233ae770d41a918ead12001bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yY/l/0,cross/d4poLovM4MO.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
x-content-type-options
nosniff
content-md5
7Ob9foDk+QbAEt4lrnDs0w==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
767
x-fb-rlafr
0
x-fb-debug
30VoPZ2N9gszAI+24x88desMkwAbpeFiBUWgabJPu/gPMFsRUShEl17xzIJ7sw5YIlUNasybUmzp5Wlu/lTRNA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 07 Mar 2023 07:35:58 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame AD7B 		930 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=505171923305728&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/y9/l/en_GB/x9ZrO_yAkJs.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
893e806029e8f0a58f779d1a81128203e262d853326c23a15122f66fffef8bf7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
eSgc6GqYybW7gqs8WRptRa
Referer
https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
GchbOSlW4/2W4yIiVOZhASuQTnJpNTFyJY7xgu43K2K6o1vqBJ7baN4ORTJ0Y7F+rHlJ03kJ1yFnADZcVMgn9A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 07 Mar 2022 12:17:13 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=1
expires
Sat, 01 Jan 2000 00:00:00 GMT
6AnWjs0jeKc.png
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame AD7B 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/6AnWjs0jeKc.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/L70R13fLoZE.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9ea291824ef2da30d149cbac248ca1e4918b93c1c8dd8479faf8c780ee180e82
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/L70R13fLoZE.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
x-content-type-options
nosniff
content-md5
3gxoNjFJG27hc7Gl1ki7lQ==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
28947
x-fb-rlafr
0
x-fb-debug
8y0caia47B7PrUHgIqiXzqdeNFQH9pHGtKxhqIenk7R2ToNTqqYl6GO05VLJBoykuoXfVN6cBB3ca/poKxBN/g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 01 Mar 2023 17:18:25 GMT
MIM2zZKZ5PN.js
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame AD7B 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/MIM2zZKZ5PN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/YhCBOLs0G8W.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
78da1e58b942fec4a720191f34f55f0aaae8955263d148f2c322a0034b9ed36a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9B7OqBmHNg83XfaNoqahhQ==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
3942
x-fb-rlafr
0
x-fb-debug
8Da3JfDTGo1UoLFDts3P5Y4zDT1EizkbwCPk0tw7A+xJDqjTKDOEmF5yqIlUr+HZMjnftGIn06LSDc8yVWf+mA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Mon, 06 Mar 2023 16:45:49 GMT
DrL7ZponPK8.js
static.xx.fbcdn.net/rsrc.php/v3/yN/r/ Frame AD7B 		353 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/DrL7ZponPK8.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/YhCBOLs0G8W.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6f409e86d1d0f92a481c4d32e5226cf80a5f7be6f66587767a3c2b1c677edc1a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
y5R41FU2PNMba5RxNKw7ZA==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
76736
x-fb-rlafr
0
x-fb-debug
Xd3Ir8iUTtdqt99K8lgyUd9vCtTxLWyuTkBkhWYs0jYPhtA9XwqgDwnhFCoFcD8imQuRQGtZE7BVfdpQKzjS+A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 03 Mar 2023 19:27:21 GMT
rDqwu6oRka7.js
static.xx.fbcdn.net/rsrc.php/v3/yP/r/ Frame AD7B 		50 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/rDqwu6oRka7.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/YhCBOLs0G8W.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6f6b7c19a39403d9b8e6bb02c6654b316bfa7ed773993f325ffe9a123c90f9c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
wOabAfigw2hZS+3nr6BKlA==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
12598
x-fb-rlafr
0
x-fb-debug
j5Vbfpw9JFKA79lSO/aama3SvprzPNqxfzmou8ha7X96TYWIkkx7/eA1+cAFR++MSzeK+x4e8izH+qoRmGoN8A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 04 Mar 2023 04:36:00 GMT
e.js
live.demand.supply/e/ 		0
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=doctorultauonline.com_auto_interstitial_desktop&e=nai&dsReferer=aHR0cDovL2RvY3RvcnVsdGF1b25saW5lLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nf-request-id
01FV78VRFNHTBMHCRDZE13EVE4
date
Mon, 07 Mar 2022 12:17:13 GMT
cf-cache-status
HIT
age
2487644
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e83444df952744b-LHR
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203010101/ 		151 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203010101/reactive_library_fy2019.js?bust=31065414
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7763921180411490&plah=doctorultauonline.com&bust=31065414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fa78c79e1ab7a39fa0ad1c4fdd3bc993c8f6e220ee0e92bab96b8515223d8ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55048
x-xss-protection
0
server
cafe
etag
14630983256216375870
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Mar 2022 12:17:13 GMT
truncated
/ Frame B0C8 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32462f339c58e0f9e90d3ea375dcb8870720246b02c0bce345e43b5d48d3ebd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 8FBB 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=2c94045f-bb3a-49b9-b97d-a07d1fee46ba&adk=1004640193&adf=1248439354&pi=t.ma~as.2c94045f-bb3a-49b9-_&w=728&lmt=1646655433&psa=0&format=728x90&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655433263&bpp=2&bdt=1245&idt=2&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6721682156034&frm=20&pv=2&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=375984350&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=e7uIalTgAo&p=http%3A//doctorultauonline.com&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 11:36:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 07 Mar 2022 12:17:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Mar 2022 12:17:14 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 8FBB 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=2c94045f-bb3a-49b9-b97d-a07d1fee46ba&adk=1004640193&adf=1248439354&pi=t.ma~as.2c94045f-bb3a-49b9-_&w=728&lmt=1646655433&psa=0&format=728x90&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655433263&bpp=2&bdt=1245&idt=2&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6721682156034&frm=20&pv=2&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=375984350&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=e7uIalTgAo&p=http%3A//doctorultauonline.com&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 12:16:21 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/ Frame 8FBB 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=2c94045f-bb3a-49b9-b97d-a07d1fee46ba&adk=1004640193&adf=1248439354&pi=t.ma~as.2c94045f-bb3a-49b9-_&w=728&lmt=1646655433&psa=0&format=728x90&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655433263&bpp=2&bdt=1245&idt=2&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6721682156034&frm=20&pv=2&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=375984350&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=e7uIalTgAo&p=http%3A//doctorultauonline.com&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
926
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7872
x-xss-protection
0
server
cafe
etag
15461303091586157378
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 12:01:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 8FBB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=2c94045f-bb3a-49b9-b97d-a07d1fee46ba&adk=1004640193&adf=1248439354&pi=t.ma~as.2c94045f-bb3a-49b9-_&w=728&lmt=1646655433&psa=0&format=728x90&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655433263&bpp=2&bdt=1245&idt=2&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6721682156034&frm=20&pv=2&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=375984350&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=e7uIalTgAo&p=http%3A//doctorultauonline.com&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:04:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 12:04:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8FBB 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=2c94045f-bb3a-49b9-b97d-a07d1fee46ba&adk=1004640193&adf=1248439354&pi=t.ma~as.2c94045f-bb3a-49b9-_&w=728&lmt=1646655433&psa=0&format=728x90&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655433263&bpp=2&bdt=1245&idt=2&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6721682156034&frm=20&pv=2&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=375984350&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=e7uIalTgAo&p=http%3A//doctorultauonline.com&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38860
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646224922100600"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 12:17:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 8FBB 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=2c94045f-bb3a-49b9-b97d-a07d1fee46ba&adk=1004640193&adf=1248439354&pi=t.ma~as.2c94045f-bb3a-49b9-_&w=728&lmt=1646655433&psa=0&format=728x90&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655433263&bpp=2&bdt=1245&idt=2&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6721682156034&frm=20&pv=2&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=375984350&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=e7uIalTgAo&p=http%3A//doctorultauonline.com&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
326
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6417
x-xss-protection
0
server
cafe
etag
10598556267281433416
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 12:11:48 GMT
35849274faa25b88196bf3c3ff2d72d2.js
www.gstatic.com/mysidia/ Frame 8FBB 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/35849274faa25b88196bf3c3ff2d72d2.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=2c94045f-bb3a-49b9-b97d-a07d1fee46ba&adk=1004640193&adf=1248439354&pi=t.ma~as.2c94045f-bb3a-49b9-_&w=728&lmt=1646655433&psa=0&format=728x90&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655433263&bpp=2&bdt=1245&idt=2&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6721682156034&frm=20&pv=2&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=375984350&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=e7uIalTgAo&p=http%3A//doctorultauonline.com&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:13:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
353023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11831
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 10:04:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 01 Jun 2022 10:13:30 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame B0C8 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 22:47:37 GMT
x-content-type-options
nosniff
age
480577
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Mar 2023 22:47:37 GMT
hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
pagead2.googlesyndication.com/bg/ Frame 74AD 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7763921180411490&output=html&h=600&slotname=7762346353&adk=3311768508&adf=4279029712&pi=t.ma~as.7762346353&w=300&lmt=1646655433&psa=0&format=300x600&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655432889&bpp=3&bdt=871&idt=194&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6721682156034&frm=20&pv=1&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1080&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=1886255259&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pbwyfvdKBe&p=http%3A//doctorultauonline.com&dtd=205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 06:42:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
20100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13728
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 06:42:14 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=doctorultauonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7763921180411490&plah=doctorultauonline.com&bust=31065414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 12:17:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=doctorultauonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7763921180411490&plah=doctorultauonline.com&bust=31065414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 12:17:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/ Frame 5035 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7763921180411490&plah=doctorultauonline.com&bust=31065414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Mon, 07 Mar 2022 04:39:24 GMT
expires
Mon, 21 Mar 2022 04:39:24 GMT
cache-control
public, max-age=1209600
age
27470
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/ Frame BD06 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7763921180411490&plah=doctorultauonline.com&bust=31065414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Mon, 07 Mar 2022 04:39:24 GMT
expires
Mon, 21 Mar 2022 04:39:24 GMT
cache-control
public, max-age=1209600
age
27470
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame CAD0 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=2c94045f-bb3a-49b9-b97d-a07d1fee46ba&adk=1004640193&adf=1248439354&pi=t.ma~as.2c94045f-bb3a-49b9-_&w=728&lmt=1646655433&psa=0&format=728x90&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655433263&bpp=2&bdt=1245&idt=2&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6721682156034&frm=20&pv=2&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=375984350&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=e7uIalTgAo&p=http%3A//doctorultauonline.com&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=2c94045f-bb3a-49b9-b97d-a07d1fee46ba&adk=1004640193&adf=1248439354&pi=t.ma~as.2c94045f-bb3a-49b9-_&w=728&lmt=1646655433&psa=0&format=728x90&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655433263&bpp=2&bdt=1245&idt=2&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6721682156034&frm=20&pv=2&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=375984350&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=e7uIalTgAo&p=http%3A//doctorultauonline.com&dtd=5

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Mon, 07 Mar 2022 12:03:16 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
838
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
OZcLupMIkEN.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame AD7B 		263 B
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/YhCBOLs0G8W.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
de9e3d6aaed5aa038c023834c695642bd594444f894a6169b5e2ae1572416776
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
n+3MmvkQjstyAll9+UwwXA==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
173
x-fb-rlafr
0
x-fb-debug
EKsAd/0Hy30YKgKl+H8NvaTBKrpMiAIVY1aLEnhIRVp02gSGFvGk5s0Uw1ouzinIsrHQ3vhZBwIJ6tr/e3WSUg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 04 Mar 2023 21:18:08 GMT
truncated
/ Frame 8FBB 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88f942cd0228690d1a9c04c802b18275d0ad0758c3cdef990465636f9071e325

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		182 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		833 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e28173df2215398839deae0854d64c439a14a2286643656d61506e75b8c47a35

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
e.js
live.demand.supply/e/ 		0
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=1.45&b=1&r=doctorultauonline.com_728x90_sticky_display_top&sy=99e348c2-4fcf-4757-b546-9d6fc01ed93e&ts=97&cd=2&pud=235&pus=c&pue=1318&pid=98&pis=c&pie=1941&ppd=197&pps=a&ppe=2040&pad=296&pas=c&pae=1341&pcl=2084&ttc=2271&tti=3353&ttif=0&lca=2040&lcak=ppe&lct=2040&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=doctorultauonline.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=92ce9dcc-64ac-4fbb-9475-05c73e0a6256&e=lm&dsReferer=aHR0cDovL2RvY3RvcnVsdGF1b25saW5lLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nf-request-id
01FV78VRFNHTBMHCRDZE13EVE4
date
Mon, 07 Mar 2022 12:17:14 GMT
cf-cache-status
HIT
age
2487645
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e834450cdcc744b-LHR
css2
fonts.googleapis.com/ Frame 5035 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 11:54:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 07 Mar 2022 12:17:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Mar 2022 12:17:14 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5035 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 21:34:39 GMT
x-content-type-options
nosniff
age
52955
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 06 Mar 2023 21:34:39 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5035 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 08:42:06 GMT
x-content-type-options
nosniff
age
12908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 07 Mar 2023 08:42:06 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/elements/html/ Frame 5035 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a25197dc637fcb41e8d3133cfed0573116c8a1618922454e6c13833754a161e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:16:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8378
x-xss-protection
0
server
cafe
etag
16647736096342315519
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 12:16:36 GMT
css
fonts.googleapis.com/ Frame BD06 		4 KB
619 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 11:32:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 07 Mar 2022 12:17:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Mar 2022 12:17:14 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame BD06 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 12:16:21 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BD06 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C8JycyfclYtCCC4-N7_UPg-mhsAPT4_HHZqCwnZqYD8KS-eHPKhABIN277kdglQKgAb7rk_0CyAEJqQKzF9owuj6yPqgDAcgDywSqBO4BT9DT5eiA9mTFC8d2LC_sZgLofnasFwsYy8qUeiKa4KG8jk3U0OgLgyDsNQglkhDD8NMPCmL8ohzddaUEDU8piyjPHeiCPFYjTTsugBfZDoEmUSoRb7KjT9INFWTGfPmgVS9c3IbhvDvZVIOSP3lzDTDBN9MO5tM_0ovWtmLPrOEXJv9vRMbXKCcHP41HCtZ6ujpfvvY_j3mrBYyFI9pO1f334NsPGIej_H3Tgo08kV7p4l6TQynq1PiZ-XBsQIltsoHRD2_kdYKOcUHkf5HWb4N7gkGxxn-EnbEqJx0ugVqnBKe8bTpzzNVbe6ncdsAEs82GweIDkgUECAQYAZIFBAgFGASgBi6AB6qU7IIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQtqsy0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTc3NjM5MjExODA0MTE0OTAYAA&sigh=3bqIGy6Ps8Q&uach_m=[UACH]&template_id=484
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 07 Mar 2022 12:17:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/ Frame BD06 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
926
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7872
x-xss-protection
0
server
cafe
etag
15461303091586157378
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 12:01:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame BD06 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:04:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 12:04:24 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame BD06 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
326
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6417
x-xss-protection
0
server
cafe
etag
10598556267281433416
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 12:11:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BD06 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38860
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646224922100600"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 12:17:14 GMT
35849274faa25b88196bf3c3ff2d72d2.js
www.gstatic.com/mysidia/ Frame BD06 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/35849274faa25b88196bf3c3ff2d72d2.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:13:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
353024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11831
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 10:04:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 01 Jun 2022 10:13:30 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 8FBB 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 22:47:37 GMT
x-content-type-options
nosniff
age
480577
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Mar 2023 22:47:37 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/10532302689316299079/ Frame BD06 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10532302689316299079/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91ae905271a6d6ad90859c697d963e534c42ceeea8310df70a73a3e83ce377b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 19:00:42 GMT
x-content-type-options
nosniff
age
62192
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38885
x-xss-protection
0
last-modified
Wed, 17 Nov 2021 17:58:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 06 Mar 2023 19:00:42 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/3974295938494546615/ Frame BD06 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3974295938494546615/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ec50f64921ad3f27786836b128eb33b1e434d0e40f347807777b9e021da15b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:16:04 GMT
x-content-type-options
nosniff
age
439270
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2341
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 16:36:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 02 Mar 2023 10:16:04 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame CAD0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=2c94045f-bb3a-49b9-b97d-a07d1fee46ba&adk=1004640193&adf=1248439354&pi=t.ma~as.2c94045f-bb3a-49b9-_&w=728&lmt=1646655433&psa=0&format=728x90&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655433263&bpp=2&bdt=1245&idt=2&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6721682156034&frm=20&pv=2&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=375984350&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=e7uIalTgAo&p=http%3A//doctorultauonline.com&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 07 Mar 2022 12:17:14 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Mar 2022 12:17:14 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 07 Mar 2022 12:17:14 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.facebook.com/login/ Frame AD7B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flikebox.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdoctorultauonline%252F%26width%3D300%26height%3D250%26colorscheme%3Dlight%26show_faces%3Dtrue%26header%3Dfalse%26stream%3Dfalse%26show_border%3Dfalse
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/YhCBOLs0G8W.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/doctorultauonline/&width=300&height=250&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
qj27As5Y5pPtN5GDaF9KcmJihYxbhSXwRnccF5uqBNmP6rLKm6rdn5raW17C16Y/iYINLuVzFdtZaerYQFFdMw==
date
Mon, 07 Mar 2022 12:17:14 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0
css
fonts.googleapis.com/ Frame 6D1E 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 11:30:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 07 Mar 2022 12:17:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Mar 2022 12:17:14 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 6D1E 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 12:16:21 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/ Frame 6D1E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
926
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7872
x-xss-protection
0
server
cafe
etag
15461303091586157378
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 12:01:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 6D1E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:04:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 12:04:24 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 6D1E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
326
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6417
x-xss-protection
0
server
cafe
etag
10598556267281433416
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 12:11:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6D1E 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38860
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646224922100600"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 12:17:14 GMT
35849274faa25b88196bf3c3ff2d72d2.js
www.gstatic.com/mysidia/ Frame 6D1E 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/35849274faa25b88196bf3c3ff2d72d2.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:13:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
353024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11831
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 10:04:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 01 Jun 2022 10:13:30 GMT
truncated
/ Frame BD06 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53e32210efab25441e317af1e5bb870e1cfbd96a42f6079585911ac4bae96e83

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2688 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Mon, 07 Mar 2022 12:03:16 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
838
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2688
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 07 Mar 2022 12:17:14 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Mar 2022 12:17:14 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 07 Mar 2022 12:17:14 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
pagead2.googlesyndication.com/bg/ Frame 2A9C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 06:42:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
20100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13728
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 06:42:14 GMT
hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
pagead2.googlesyndication.com/bg/ Frame 2970 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=2c94045f-bb3a-49b9-b97d-a07d1fee46ba&adk=1004640193&adf=1248439354&pi=t.ma~as.2c94045f-bb3a-49b9-_&w=728&lmt=1646655433&psa=0&format=728x90&url=http%3A%2F%2Fdoctorultauonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&dt=1646655433263&bpp=2&bdt=1245&idt=2&shv=r20220302&mjsv=m202203010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6721682156034&frm=20&pv=2&ga_vid=1818786035.1646655433&ga_sid=1646655433&ga_hid=615369284&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31062422%2C31064858%2C31065368%2C31065414%2C31060048%2C31064018&oid=2&pvsid=2664612777864818&pem=231&tmod=375984350&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=e7uIalTgAo&p=http%3A//doctorultauonline.com&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 06:42:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
20100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13728
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 06:42:14 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220302&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7763921180411490&plah=doctorultauonline.com&bust=31065414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8a5a3baec4d654126168ad329ee9ac3b361210ce936445965e4fd80c4672968
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 12:17:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10393
x-xss-protection
0
hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
pagead2.googlesyndication.com/bg/ Frame 327E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
Requested by
Host: doctorultauonline.com
URL: http://doctorultauonline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 06:42:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
20100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13728
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 06:42:14 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7763921180411490&plah=doctorultauonline.com&bust=31065414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 12:17:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B285 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 07 Mar 2022 12:09:47 GMT
expires
Tue, 07 Mar 2023 12:09:47 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
448
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 2A69 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4c9e579ca7f469b31a9922167cc1eb585eb556dd468e84224513c4552c5df7f0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SSNOApLaZQoYvc/GSfOcOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 07 Mar 2022 12:17:15 GMT
date
Mon, 07 Mar 2022 12:17:15 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-SSNOApLaZQoYvc/GSfOcOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame B0C8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuybEv3k2kvCUcC31e5ZW_hBPxGWNLGbbOPNJSCtws_Lkf6X9Xqq2desxz7n5nr6Squ2MpTa6YFSusXWu1IZpu9f0g5m-vbcNv3PU4DH9K9pVY7GkgVww&sai=AMfl-YS2M9wWT0jRpGfp5WX6YrnDOb9FThXYp4cu3_RauVwk_kDkgoA_Ws6MpGMuIEL6I9J9URerIkYCf6Tq&sig=Cg0ArKJSzGW11N5_FAavEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220302&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3311768508&rs=2&la=0&cr=0&vs=4&r=v&rst=1646655433097&rpt=971&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
c.mgid.com/pv/ 		0
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1646655435077713053009&uniqId=020c1&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fdoctorultauonline.com%2F&lu=http%3A%2F%2Fdoctorultauonline.com%2F&sessionId=6225f7cb-14867&pageView=1&pvid=17f644ff1469acdcc29&site=493522&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/o/doctorultauonline.com.1268367.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6e8344557924752d-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mgid-logo-ua.svg
cdn.mgid.com/images/logos/ 		1 KB
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/mgid-logo-ua.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
524160e936b37ca64801d1925674fa3482f398ee0a03af068ac4ad330167b15c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:15 GMT
content-encoding
br
cf-cache-status
HIT
age
137
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
WDV7SY97Z5KZM4DP
x-amz-id-2
XC8hTBwz25C0Nc3CDDnQT5GJX6o0+6gyFVuiA6Mnx/JulL645jWH1hnpVdsVxuko9uf5+276bEc=
last-modified
Wed, 02 Mar 2022 18:11:37 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646244686/ctime:1646244686/gid:0/gname:root/md5:17f813144571b58f583d7f58e611b631/mode:33206/mtime:1646244686/uid:0/uname:root
etag
W/"17f813144571b58f583d7f58e611b631"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6e834455a963752d-LHR
expires
Tue, 08 Mar 2022 12:17:15 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:15 GMT
content-encoding
br
cf-cache-status
HIT
age
6956
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G7XVAWHV2A1TM5YQ
x-amz-id-2
YTUD+eplGac2nzDoCf6mNAS+SFRWUcCYJKczG3n8f/90lY7q4TeiITaNexYchgGjMS0Xbxxxcvw=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6e834455a966752d-LHR
expires
Tue, 08 Mar 2022 12:17:15 GMT
hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
pagead2.googlesyndication.com/bg/ Frame B285 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 06:42:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
20101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13728
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 06:42:14 GMT
1
servicer.mgid.com/1268367/ 		1003 B
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1268367/1?pv=5&cbuster=1646655435158249571301&uniqId=020c1&niet=4g&nisd=false&jsv=es6&w=420&h=374&cols=1&ref=&cxurl=https%3A%2F%2Fdoctorultauonline.com%2F&lu=http%3A%2F%2Fdoctorultauonline.com%2F&sessionId=6225f7cb-14867&pageView=1&pvid=17f644ff1469acdcc29&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/o/doctorultauonline.com.1268367.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e09f38e736efcf13e3f75dab6df9a250375370138ff0e1fc2f1ffa38e0d670c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6e834455f9fe752d-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sodar
pagead2.googlesyndication.com/pagead/ Frame 2A69 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220302&jk=2664612777864818&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B285 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?O_if-Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
mgid-logo-ua.svg
cdn.mgid.com/images/logos/ 		1 KB
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/mgid-logo-ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/o/doctorultauonline.com.1268367.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
524160e936b37ca64801d1925674fa3482f398ee0a03af068ac4ad330167b15c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:15 GMT
content-encoding
br
cf-cache-status
HIT
age
6200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
WDV7SY97Z5KZM4DP
x-amz-id-2
XC8hTBwz25C0Nc3CDDnQT5GJX6o0+6gyFVuiA6Mnx/JulL645jWH1hnpVdsVxuko9uf5+276bEc=
last-modified
Wed, 02 Mar 2022 18:11:37 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646244686/ctime:1646244686/gid:0/gname:root/md5:17f813144571b58f583d7f58e611b631/mode:33206/mtime:1646244686/uid:0/uname:root
etag
W/"17f813144571b58f583d7f58e611b631"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6e834457acd28868-LHR
expires
Tue, 08 Mar 2022 12:17:15 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/o/doctorultauonline.com.1268367.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:15 GMT
content-encoding
br
cf-cache-status
HIT
age
1351
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G7XVAWHV2A1TM5YQ
x-amz-id-2
YTUD+eplGac2nzDoCf6mNAS+SFRWUcCYJKczG3n8f/90lY7q4TeiITaNexYchgGjMS0Xbxxxcvw=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6e834457acdb8868-LHR
expires
Tue, 08 Mar 2022 12:17:15 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzcyZjhjOWRkYTZlN2ExZWU2MGFjYTU3N2YwNjBmMDFjLmpwZWc.webp
s-img.mgid.com/g/3860766/492x277/0x13x750x500/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3860766/492x277/0x13x750x500/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzcyZjhjOWRkYTZlN2ExZWU2MGFjYTU3N2YwNjBmMDFjLmpwZWc.webp?v=1646655435-qLSSVjXN2Ilt13BTdSj7uq7mc9Wrnf0U14UevsNQGyQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d35e1c057e26849dbf777e7f8d5baec6ad67a3a0305a6d24045c38d9bf037758

Request headers

Referer
http://doctorultauonline.com/
Origin
http://doctorultauonline.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 12:17:15 GMT
cf-cache-status
MISS
last-modified
Mon, 20 Dec 2021 13:41:00 GMT
x-mg-request-uuid
a34ec3c0-a9d8-4c32-a260-2e05d997421f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e83445858c7008d-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11974
server
cloudflare
i.js
cm.mgid.com/ 		0
113 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1646655435636681627521
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/o/doctorultauonline.com.1268367.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6e834458fe7d752d-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
activeview
pagead2.googlesyndication.com/pcs/ Frame BD06 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3N6znw0zKrNp9hd9Ra3Psn_MMMSYsurC6J4Z-befhMGaylVuKXBevYOpdF2Tp2a_WtkCJUhDW-UI6WfSQY9HCKlkDucQzj6knA15G3CvZDGDISDeWNQ&sai=AMfl-YRHg1aA3KjyHlckV3rEiV33oNjS_nI5BAMVy9-6KmxDGTh5U6u2bgyWNn3BabmJ9KRTpTguGiCz0Yef&sig=Cg0ArKJSzBcW0NlZ7WdCEAE&id=lidar2&mcvt=1022&p=0,0,124,1005&mtos=217,839,1022,1022,1022&tos=217,622,183,0,0&v=20220302&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1646655434162&rpt=511&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i-noref.js
cm.mgid.com/ Frame 7270 		0
72 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1646655435703717922706
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/o/doctorultauonline.com.1268367.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6e8344594f3f752d-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
activeview
pagead2.googlesyndication.com/pcs/ Frame 8FBB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslj0XGiyV6_wQ6aqYEiQRTPX7MzGVoGGWZVWAPTN7iCVaEnUOoa3GJXmcWm9pGz6yOma0JZ3qB3jW5jvXfPykCw8L3UTlaapmHrhfHhbv9jvuzeFkVFw&sai=AMfl-YSchRijlwW0r7FkFr4SayKbyMdi04VcxRM6ix_qXUfX4n6Y817P8rldJ3DvdR_xBq0PluT8623BL8Sa&sig=Cg0ArKJSzK99qrE0CCNuEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220302&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1004640193&rs=2&la=0&cr=0&vs=4&r=v&rst=1646655433269&rpt=1449&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220302&jk=2664612777864818&bg=!BwSlBEDNAAb7UztL-1M7ACkAdvg8WuvSGOxNnfak8tWF0SBJhob3iPw9NsRDWoJFvxc47v6GiltrLwIAAAEvUgAAAAloAQcKAN7QwBlCj2P0lyyS2Y9XGYOo5giqhV2Ipa8elep7jMr7YaF9O1vuS_oSU5zMcjLMHvd1RY2zYIBQi_W6SbkpIF_lUn1Qd7VmFsrjcZqup69LOV7C7RR4p576E99vCLV5b_aQ2xGevTjiU16HY9UrzYaosQH9JqhHMUZVhLN5sd2aIEn3VA13ErZLh12wmbwoxNOCWnoa5C8448RXu2V1FObFtyHman3Ks2zWns3qf2Fjwoq_zBccODZGIaIQaSEy-6Qj1J7sIK0gAuB30Mkt6qSoqGulU9FFiyH2DvvLdyqZApsEWmWiW-vCqLTAotRWHbd_9gCG_EG_UpVYUweMVwEjnOSzlpczlJ-VODx7bCp9aGthmeIuQZ87D9UiurI2n_1jGEstBqk8G8yEMEE0TJVCozOoXpXJ9pKwBeLnWBm_oicCK-OLdt2gXPxIBF2s8gNVUXsThRjleJ40fH664-DANrhdd7ioznr4THozfYsX3dz4gbGgyN7nWiXOVHdB-OTuGmOlM_wBg85NC_73Y-27iETTHM-E2xwjGpZUPSZ4ivycXOPirZOU6ailhFGc4Fj--XcC3YinYSCLi5KUYDquGpk0xtf5awOzhJ1We6uQeaqdKEp--ERBTrBB_5EhM3-0y3CtjtVZzC99HO63mc1t8jBYR5Ws8F0-0RHhXgYv8jvDNBuQzAhTa3AsLuHjJbDBxebd32RVzuc6dhUUR3MgGYEumNMVGMJstD3T57lbsmdVKo3AyRdOXJouqTiphoVi07k-iAaFhxDCfOIrK9POcVDHC7yYYF6lxl-_IMoFchKdxa7DYOeN9ZlMUQ543r0-M1x89C-6ZQb_uyo8F52kKfzbZLxy7RkIi0VMnCAFKhThRWj8eJg0sHk9OBXek1UsZP1hkV7SISNjJTfSLeiSfilZ67rZljOmeUKN-oajjAF9WX4xX0vLCKz10WrnE73t8u1PQP6nQ5ZzrThbO9Ctz4J2h8dE8SL0JV8rzN964Poq1-wgcwLCv0N-BxkH3ZQ9wVgNURctW6Q1b4oSDA48aRU7j2E0yvh-Y6T9VnuDec8PzcVUVrT1G32_MQRcmzoO7tYt63XrDcSC8MRWfLAjdVg8LClbfFwTRTUVW73xr8q-RuHPYXzqFbbVT1IRKh3Vxgq1GvXqoSRIQhVd3cZ4LhKm6toSKXYYePpn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 12:17:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=doctorultauonline.com_728x90_sticky_display_bottom_stickydesktop001&e=ubs&dsReferer=aHR0cDovL2RvY3RvcnVsdGF1b25saW5lLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://doctorultauonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nf-request-id
01FV78VRFNHTBMHCRDZE13EVE4
date
Mon, 07 Mar 2022 12:17:19 GMT
cf-cache-status
HIT
age
2487650
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e83446e5b32744b-LHR

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pushgoo.ru
URL
https://pushgoo.ru/inc/crabs_push/17

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery object| core object| __core-js_shared__ object| firebase object| googletag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| advanced_ads_ready object| advanced_ads_ready_queue object| FB object| __twttrll object| twttr object| __twttr object| gapi object| ___jsl number| spu_count string| spu_counter function| socialPopUP function| thanks_msg function| twitterCB function| googleCB function| closeGoogle function| spuFlush function| createCookie function| readCookie function| spu_timer object| cnArgs function| gtag object| dataLayer function| google_spfd number| google_unique_id object| google_sv_map function| documentInitOneSignal function| OneSignal string| GoogleAnalyticsObject function| ga string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi object| demandSupplyTc object| demandSupply number| google_lpabyc object| tie function| createTicker function| rotateTicker boolean| isInTag function| typetext function| removeFilter boolean| pp_alreadyInitialized object| dspbjs object| _app object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| popup_object function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| $window object| $the_post boolean| doresize object| scroll_pos boolean| hashtag object| google_tag_manager object| google_tag_data object| gaplugins object| gaData number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| google_llp object| _mgIntExchangeNews object| MarketGidInfC1268367 function| MarketGidCContextBlock1268367 function| MarketGidCMainBlock1268367 function| MarketGidCInternalExchangeBlock1268367 function| MarketGidCRejectBlock1268367 function| MarketGidCInternalExchangeLoggerBlock1268367 function| MarketGidCObserverBlock1268367 function| MarketGidCSendDimensionsBlock1268367 function| MarketGidCRtbBlock1268367 function| MarketGidCIframeSizeChangerBlock1268367 function| MarketGidCContentPreviewBlock1268367 function| MarketGidCResponsiveBlock1268367 boolean| mg_loaded_493522_1268367 object| onClickExcludes object| GoogleGcLKhOms function| mgReject1268367 function| mgLoadAds1268367_020c1 function| MarketGidCReject1268367 function| MarketGidLoadGoods1268367_020c1 object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint493522 string| _mgPvid boolean| _mgPageView493522 boolean| i.js.loaded boolean| i-noref.js.loaded

15 Cookies

Domain/Path Name / Value
doctorultauonline.com/ Name: PHPSESSID
Value: 2b398ed009ebd296e4845e08e68de5c5
.google.com/ Name: NID
Value: 511=JfzGtPNu15ZriYrqalNyhXhwW9vPKtmYagmHVHuXU5t9oWd3i-GdcqIkYlgkYBZ2381tQchk9KdsNf40RumLklixYtgeKmb_oN1VVFtMW1CpsZrKeDSrSfBatoquM16g2NIwNZPCfCfZbD5V6bkQC56sDOdARWJcrnt5XEpX0Hc
live.demand.supply/ Name: demandSupplyTi
Value: 92ce9dcc-64ac-4fbb-9475-05c73e0a6256
.doctorultauonline.com/ Name: _gid
Value: GA1.2.1046881388.1646655433
.doctorultauonline.com/ Name: _gat
Value: 1
.doctorultauonline.com/ Name: _ga_2TVEG2Y6KG
Value: GS1.1.1646655433.1.0.1646655433.0
.doctorultauonline.com/ Name: _ga
Value: GA1.2.1818786035.1646655433
.doctorultauonline.com/ Name: _gat_gtag_UA_109657542_1
Value: 1
.mgid.com/ Name: __cf_bm
Value: O9L1rRnsxCPoFPHOFuot4Adv4oXIdl8aZtAUp98ghC0-1646655433-0-AShCuHCYlirZkz85wQ6rdm0yrePrAkJaPBXRDQAJXDD0m/5uScL+TFdfvmiH9y+fXAU0hCMPe2hccs883lP31Eg=
.doctorultauonline.com/ Name: __gads
Value: ID=a260d62d81562864:T=1646655433:S=ALNI_MZTYmbG9hlW-pDdJCUlN9Qs7qSN3g
.doubleclick.net/ Name: IDE
Value: AHWqTUni1zZmzsVtVAeFmSdxLTbldJYZh_gIurood5xvI6PD6wzdtCIvN4Zx754k9HY
.doubleclick.net/ Name: DSID
Value: NO_DATA
servicer.mgid.com/ Name: __mglb
Value: ed02bb11b748a9279413c1eb8e47c448
.mgid.com/ Name: muidn
Value: m27f9bxyY8h4
doctorultauonline.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1268367%22%3A%7B%22page%22%3A1%2C%22time%22%3A1646655435439%7D%7D

23 Console Messages

Source Level URL
Text
network error URL: https://pushgoo.ru/inc/crabs_push/17
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: http://doctorultauonline.com/wp-content/uploads/2020/04/LEPARISIEN-estelle-1120-300x171.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://doctorultauonline.com/wp-content/uploads/2018/12/Wiki-background.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://doctorultauonline.com/wp-content/uploads/2020/04/download-4-2-212x300.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: http://doctorultauonline.com/wp-content/uploads/2019/12/20-300x160.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://doctorultauonline.com/wp-content/uploads/2019/11/54-8-300x160.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://doctorultauonline.com/wp-content/uploads/2020/01/37-218x150.jpeg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://doctorultauonline.com/wp-content/uploads/2020/01/35-3-279x300.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://doctorultauonline.com/wp-content/uploads/2020/03/38-252x300.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://doctorultauonline.com/wp-content/uploads/2020/04/14-4-300x166.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://doctorultauonline.com/wp-content/uploads/2020/02/8-13-212x300.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://doctorultauonline.com/wp-content/uploads/2020/02/dieta-cinci-300x200-1.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://doctorultauonline.com/wp-content/uploads/2020/02/dieta-cu-lamai-300x192.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://doctorultauonline.com/wp-content/uploads/2020/01/30-300x169.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://doctorultauonline.com/wp-content/uploads/2020/02/safe_image-19-2-300x157.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://doctorultauonline.com/wp-content/uploads/2020/02/iaurt-cu-patrunjel-300x204.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-7763921180411490&fa=1&ifi=8&uci=a!8&btvi=1&xpc=1iYHm4OFP0&p=http%3A//doctorultauonline.com
Message:
The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: http://doctorultauonline.com/wp-content/uploads/2019/11/ghimbir-lamaie-300x160.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://doctorultauonline.com/wp-content/uploads/2019/11/26-10-300x160.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://doctorultauonline.com/wp-content/uploads/2020/01/10-244x300.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://doctorultauonline.com/wp-content/uploads/2019/11/73504702_922085664858332_3371635321195200512_n-300x160.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://doctorultauonline.com/wp-content/uploads/2019/11/59-3-300x160.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33006ed7b42f1d454ddcec9cdd52e250.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
api.demand.supply
apis.google.com
c.mgid.com
cdn.mgid.com
cdn.onesignal.com
cdnjs.cloudflare.com
cm.mgid.com
connect.facebook.net
doctorultauonline.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jsc.mgid.com
live.demand.supply
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
pushgoo.ru
s-img.mgid.com
scontent.xx.fbcdn.net
securepubads.g.doubleclick.net
servicer.mgid.com
static.xx.fbcdn.net
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
pushgoo.ru
104.19.134.78
104.19.136.78
104.244.42.200
142.250.181.226
176.126.202.101
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:135e
2606:4700::6810:8516
2606:4700::6810:8616
2606:4700::6812:e134
2a00:1450:4001:801::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0982166468cc0ec6e23155f10397456c908a0599e4eac7dd0d81431843ca503f
0a0bd6dfb65ff96d96b7b94ef7beec5b2d38219b0b658577876439d4e65e6df1
0bc44ea79e71bea23b78759ad6113a2106a0708b2db4988b73f47f3aa10f78fb
0c760d336cf32f30b37713585c0015f86e852828eaae85a6f15eb7af09aac797
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0fa83da93da4d73f6b76fa2b992cd08e9333f3ec8e46c270fa503c077d17df8b
115e52a557896ed73c32356fed0d5054fc0555bfe29abdc81e04a8374ce32a3e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1721e3cda57603c78e187936ff71d5cdeb7687127341a2abba9c45ea11cc1616
17e7c611dac721a18c35c681611cfcf5ccf48c420b9358f8cc383174342669c8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
187b1229260f74dd99647dfc63ac62c49f944ff853ea8510c039297375986dde
18ddd676ded85f867b718a83b1027949bd7c9cbd06861d68c1b261948a995206
1a1ceef0848eb5ea2c816e56c35b6be9fcee9295c976ac5b0da03d4552d9ac4b
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
203ffa4da004e9074636d54e40c5ac99adc5bba492018a2bfa35cb73f58c0da3
230959e5505235ebf0473029b87213f3a2f230ef2ddbd93119812ea6fc684ce7
237aa21168a7e458f506010606ab48d11c54b08221ae6297b2964ee41c71c8ad
238f70532a38f385fe8c59fe2d14008a04b3aa437ef085f1b0a7e272c1de10c4
25020b17ed0266291a2268a1a4cdfb6c06ef39f2b43bb9a867acda3a0b4487be
2611a5f349a045baa9d8b596309a3038de42689d9d2bb38e12dc7795c6439bcf
27eff2c7771d0dadc59966e09a51780633f7d288bf9bdf7e90b8e3d04a4af25a
285a7d9cb46201ac73d3edcc2565eba6660b152b1abaf9806739c26f7d82eaac
288ac35b2088c2fa8d930b09d606eac7904e37016417f56555fba08704f61987
2a8cfdaf827b44c18fd53a8625cfe0f85f7e498a2af0757fbd9c7b78018706ca
2ac73d30ed0505960ae615cdda90ca4e9c0c2a3ba6b19ec4ee6dc9a32c2951f1
2f7278cc9f52fbafcb479c7c60c14d119a396c6b2b2c0a968f637a1562f69efa
32462f339c58e0f9e90d3ea375dcb8870720246b02c0bce345e43b5d48d3ebd7
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
373e3dbd7a49fd0a46f537465c65ec3e9a4d7cdc880fce10e5af46de6c9e461b
382cbcd13c1f3aa9bf8cd7a81d6256267aaf7b8d0e3950bab0933e9a494ea28a
3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9
3f60f3afea7530df0d25c667690df4d8084ed081efbb1f49efdb60f4cb805a19
437a4ac54e038184aacac4132353ef6a31dc587d3327b0f4a434dac027ac93cb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
451a4ca6125cd8d5ee49f2c741d26f3a6093e88a60ead72648c18a3672cda807
45f4dc41822340da6d0c7aaff958988ef33903294b718e3be38f820fd7e2c1ad
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d
4a1e04bd81415251acdb6988ee5cc0f635d71afcf2d9b0b8c2980a73f79fd875
4b690d1ea16161a5ee6e489a6964b4bb824399bed9b372d3ebc209f5ddd1bdfd
4c9e579ca7f469b31a9922167cc1eb585eb556dd468e84224513c4552c5df7f0
4cfdc815884202a74f80463b3ff3bbd680c19c9720e5aad149ffd096c599b020
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
524160e936b37ca64801d1925674fa3482f398ee0a03af068ac4ad330167b15c
53c088f65c77c6b7af2804face3e267d4c1bf148177798a30fa3a15aa693c36f
53e32210efab25441e317af1e5bb870e1cfbd96a42f6079585911ac4bae96e83
559889bf26f6361c88e34a7c2f860cf7083643a953d136e9b9ccd5dfc5e4fbec
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
5693efc26042c4432a739324f2abf1c642fdad890534939a97370e4e97445b76
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5fa78c79e1ab7a39fa0ad1c4fdd3bc993c8f6e220ee0e92bab96b8515223d8ca
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c0127b59dcf609c49affa3b27bc1e2ce139b72a9f2f10558fc424983a6f2b6
650d721f07cb4a6d23313e4fb253a58ae16dbdd91e85692c1610cded90136e8e
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
686503904e6c2457565ac125cd3e25ffaf0ae1b94e8feb569d6cd62a5d2ff9d0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba
6f409e86d1d0f92a481c4d32e5226cf80a5f7be6f66587767a3c2b1c677edc1a
6f6b7c19a39403d9b8e6bb02c6654b316bfa7ed773993f325ffe9a123c90f9c7
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
72ed02b56bfe9d71a7e8f5dc7d5a8807283f54649dc07e82a231d0af915097eb
7338e17b537df32a705639e31e704f62669d0e774e9e0c322c199ebe0df13e33
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
78da1e58b942fec4a720191f34f55f0aaae8955263d148f2c322a0034b9ed36a
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a1e6a2227bf36f7cabc29b15021e00c48cff06104f30d403e14df7465f2c6bd
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7da751818ec7dab1a67a8e4faacf5f2b9ee4fa03f1910d6d5d745fa51dbffffb
7e09f38e736efcf13e3f75dab6df9a250375370138ff0e1fc2f1ffa38e0d670c
810c1c3d8db2f50c9b91508cc9798d757d0355b12daa9b7ea08ffb5f868a2d63
818ce38e548c8222a2d3d31e6739658683964f9233ae770d41a918ead12001bd
8231fb60491493f4b2999bccb07fbf4c3dcb5083e802d40473d0b6094967e08a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d8163b3bbf0cb7285b8aa4964248e1db6d3b0034d03c43243682b302e02b48
840711eaa754b000831567752cc1f5e460bd0f0097be8cb273230834a1a3a7a2
85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592
876f928ae46de8df04f518cd3ebd3f1040ed340377a4c1bcaf8e27e61ce06c61
88f942cd0228690d1a9c04c802b18275d0ad0758c3cdef990465636f9071e325
893e806029e8f0a58f779d1a81128203e262d853326c23a15122f66fffef8bf7
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8baa13868d2b7762acb7166efbae7beceb4795b8676e2f4530ed2df3161efcc6
8e19cd4e07351cfb35d05a152df4a00b85eb01c8e88efac72b1c01c710ebb4ae
8e6cd9553622fdf6ee0546107b31d8bc1b3b88e05e9c805920b19ee34200ec2d
8ec50f64921ad3f27786836b128eb33b1e434d0e40f347807777b9e021da15b3
8fa655178e22a67517cc11894c9715bd5d7c8fa8f9c8550bcdcbf106e59c5aaa
91ae905271a6d6ad90859c697d963e534c42ceeea8310df70a73a3e83ce377b1
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a90950a6e18059dfdf471afde3538978738cbb2a02752608febcad12d91e30a
9ea291824ef2da30d149cbac248ca1e4918b93c1c8dd8479faf8c780ee180e82
9ed237e09d077e8b6487615976683a5cdf2f79fa4a4c83462b41ddd6256c6cf9
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a25197dc637fcb41e8d3133cfed0573116c8a1618922454e6c13833754a161e5
a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a504a40b594a18f9b69c8e870b4616b0dab24ddfface0ae93849a2f084a4afe8
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa691b778a78ba4cad31dddd9aa4a11eba60175605a33a6d76087b4748d1b65e
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ae1dfa01aedc77a094ce8ff298609c61ec0ad51399d6bf37364a1a4340ad29a3
ae8feddc096742714ba1cfca690abddc38e78aa78da89f584982c9ab8bc44db4
af2f9dd3afab13e429d86ec1b74472ea28cdc900bee013005270218d5b2a11f4
af89f3bf746883ab0f67f73f94042d53b6d10000411e568c3c3a98a4766ecc86
b153dfa4c7ea65c85d9a890279af985e41200b43540685ea411b561a104f4e28
b87b497bf46699df860b7cc1283b264ef5326a6c684d29607421eab5878054c5
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd720c3330f9e1e856f0312d423377f9fd3cef9c81b1ee1edb80ed7fcfaae849
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c8e6fcd1306718a538d693c3e307cf06eacfdd6ef7c574fb78ce0bf7b6bc3d34
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
cb729b04568f05845cba9b49cf23a7de2a458ea68a54dff3c6c8c78054c58f85
cde6f51b005e56d4272454994e4d3af5c9e53d4460915e3f023cdf56c5cf1906
cebc0b7e3c9904af6f553ef5e9f2a86b29091ade9aa57001ff90febb82a7b95b
d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494
d35e1c057e26849dbf777e7f8d5baec6ad67a3a0305a6d24045c38d9bf037758
d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b
db68aee46705b0fb54d1c78ede443219729ff19ba305c111f0ad8be007417634
db9639cf03f1139f50fe2ab13e4d642aac4e39f68adf15e8ac0649796b23eaac
de934a085817710cb3bbd98d33e5b0c91709425d89eada2a2c55909c8b3443de
de9e3d6aaed5aa038c023834c695642bd594444f894a6169b5e2ae1572416776
ded2314e5aa07d9f2724d2620a5fd91073b7d572b03ab850d8537c5b63d487b0
e0470151eba613aa49b7cc0ae8b8d51851e70d4c7eb88cbe673cc75e84459a67
e28173df2215398839deae0854d64c439a14a2286643656d61506e75b8c47a35
e2e21fb087bb7be32af478b60561ee64a281a45f2d9f55f9fab68f053c357fc1
e393ea04e46d228a4038bf0217757eda47c80a4d9402e9789bc59625542a99bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4242947cf71f109899f2746dc08dc71e7181188b6466229675b982fa0d6531b
e4d9d91a3c3263a4c0b51389fc213123193e782cc48da6214c1b66ba57b7ca9d
e68b5dff23d173599878ccfd05892f57a52ea1330cf5f32e4645df7b718bba10
e8a5a3baec4d654126168ad329ee9ac3b361210ce936445965e4fd80c4672968
eb70fb46897cb45ed020e4afa148ad7f7c85e6dbf89e300404af94a3e6bbd05a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36aacb6779027d2c502516423954a55dddea655ea05025eb445d787527f77f7
f65c00227868dcd7e51e1869dc331302818971ab476f21b5ebc87feb83f1d0a5
f775b5dcc506b99d7511d439d206d1c8c7f562e28dfdf2fe5aff7fa8d91268c4
fafdb6d06cf5096278fc749faf71ed2fb20b5d5ef6f0fab5b86f50216b9dc340