urlscan.io logo urlscan.io
SecurityTrails logo

www.edocr.com Open in urlscan Pro
34.194.88.169  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/Train-Cat-for-Enjoyable-Enrichment-Activities
Effective URL: https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
Submission: On November 30 via manual from GB — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 33 HTTP transactions. The main IP is 34.194.88.169, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.edocr.com.
TLS certificate: Issued by Amazon on April 28th 2021. Valid for: a year.
This is the only time www.edocr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    34.194.88.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-88-169.compute-1.amazonaws.com
www.edocr.com
8    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.it
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
13 www.edocr.com 1 redirects www.edocr.com
8 pagead2.googlesyndication.com www.edocr.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com www.edocr.com
www.google-analytics.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.it pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
33 9

This site contains no links.

Subject Issuer Validity Valid
edocr.com
Amazon		 2021-04-28 -
2022-05-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.it
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
Frame ID: 63E27D624219F4EDA6C945AB82EDAF99
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 30AB802E46D54682591E9ADAE73EAEEB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=8628223775&adk=2306401753&adf=1981261236&pi=t.ma~as.8628223775&w=350&lmt=1638293483&psa=0&format=350x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fm06w9ap4%2Fmackenzierodriguez961%2Ftrain-cat-for-enjoyable-enrichment-activities&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638293483152&bpp=5&bdt=1310&idt=151&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=5360337485124&frm=20&pv=2&ga_vid=375196229.1638293482&ga_sid=1638293483&ga_hid=962190909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-975&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C31063737&oid=2&pvsid=970618413930526&pem=597&tmod=838272998&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AB3ZmWkhPA&p=https%3A//www.edocr.com&dtd=165
Frame ID: 6D71128BC8D29B330D3E7947702F95A1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=600&slotname=3952982610&adk=937441900&adf=3095482696&pi=t.ma~as.3952982610&w=120&lmt=1638293483&psa=0&format=120x600&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fm06w9ap4%2Fmackenzierodriguez961%2Ftrain-cat-for-enjoyable-enrichment-activities&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638293483157&bpp=1&bdt=1315&idt=168&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250&correlator=5360337485124&frm=20&pv=1&ga_vid=375196229.1638293482&ga_sid=1638293483&ga_hid=962190909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=25&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C31063737&oid=2&pvsid=970618413930526&pem=597&tmod=838272998&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8gakG94fAm&p=https%3A//www.edocr.com&dtd=171
Frame ID: CB068AE3BB1CC8DF4CF35BF4F9B6D442
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=485626509&pi=t.ma~as.4103433139&w=300&lmt=1638293483&psa=0&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fm06w9ap4%2Fmackenzierodriguez961%2Ftrain-cat-for-enjoyable-enrichment-activities&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638293483158&bpp=1&bdt=1316&idt=172&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250%2C120x600&correlator=5360337485124&frm=20&pv=1&ga_vid=375196229.1638293482&ga_sid=1638293483&ga_hid=962190909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1270&ady=185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C31063737&oid=2&pvsid=970618413930526&pem=597&tmod=838272998&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0QpJgCZXVd&p=https%3A//www.edocr.com&dtd=174
Frame ID: A7810B60A2C3DD4B8BA9ABD6FBDC0468
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&adk=1812271804&adf=3025194257&lmt=1638293483&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fm06w9ap4%2Fmackenzierodriguez961%2Ftrain-cat-for-enjoyable-enrichment-activities&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638293483177&bpp=1&bdt=1334&idt=157&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250%2C120x600%2C300x250&nras=1&correlator=5360337485124&frm=20&pv=1&ga_vid=375196229.1638293482&ga_sid=1638293483&ga_hid=962190909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C31063737&oid=2&pvsid=970618413930526&pem=597&tmod=838272998&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=161
Frame ID: 12ED11AA1E7452C012EF242B814BAA61
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 8E40DEEFC43B8CDA176362502A2EDFA7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 10F695795BB3CF72567ADE421E9C893C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Train Cat for Enjoyable Enrichment Activities! | edocr

Page URL History Show full URLs

  1. https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/Train-Cat-for-Enjoyable-Enrichment-Activities HTTP 302
    https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities Page URL

Page Statistics

33
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

9
Subdomains

10
IPs

2
Countries

882 kB
Transfer

2952 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/Train-Cat-for-Enjoyable-Enrichment-Activities HTTP 302
    https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request train-cat-for-enjoyable-enrichment-activities
www.edocr.com/v/m06w9ap4/mackenzierodriguez961/
Redirect Chain
  • https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/Train-Cat-for-Enjoyable-Enrichment-Activities
  • https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.88.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-88-169.compute-1.amazonaws.com
Software
/ Express
Resource Hash
0187a824dce61314dbba2200353520dcc9c07524d8c1b91d0ac98e48061a5af7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9

Response headers

build-number
2196
content-encoding
gzip
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Tue, 30 Nov 2021 17:31:21 GMT
etag
W/"13e0-5UO5AqUZ8TZQyv74XX4jOxAnTCc"
vary
Accept-Encoding
x-powered-by
Express
transfer-encoding
chunked
Connection
keep-alive

Redirect headers

build-number
2196
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Tue, 30 Nov 2021 17:31:21 GMT
location
/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
vary
Accept, Accept-Encoding
x-powered-by
Express
Content-Length
202
Connection
keep-alive
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a282c187187d03788324d6edfd084820766a3ce032ae41907fdef18044a66003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 17:31:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51220
x-xss-protection
0
server
cafe
etag
6727847873997619435
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 30 Nov 2021 17:31:21 GMT
main.00f291007fc7948c83c0.css
www.edocr.com/v/static/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/v/static/main.00f291007fc7948c83c0.css
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.88.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-88-169.compute-1.amazonaws.com
Software
/ Express
Resource Hash
65e4e63638e9c69fe634cc25b595b20afe3e704f5eb8adf36a551e3c23a12ecf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
etag
W/"814-17d2b269a90"
last-modified
Tue, 16 Nov 2021 23:48:10 GMT
x-powered-by
Express
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
date
Tue, 30 Nov 2021 17:31:21 GMT
Connection
keep-alive
accept-ranges
bytes
transfer-encoding
chunked
build-number
2196
bundle.js
www.edocr.com/v/static/ 		2 MB
560 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/v/static/bundle.js
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.88.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-88-169.compute-1.amazonaws.com
Software
/ Express
Resource Hash
41942011c1267b78bc2586e719b9bd9554806be500237f0be6eae58d685190ca
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
etag
W/"201b62-17d2b360389"
last-modified
Wed, 17 Nov 2021 00:04:59 GMT
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
date
Tue, 30 Nov 2021 17:31:22 GMT
Connection
keep-alive
accept-ranges
bytes
transfer-encoding
chunked
build-number
2196
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6978
date
Tue, 30 Nov 2021 15:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 30 Nov 2021 17:35:03 GMT
collect
www.google-analytics.com/j/ 		2 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=962190909&t=pageview&_s=1&dl=https%3A%2F%2Fwww.edocr.com%2Fv%2Fm06w9ap4%2Fmackenzierodriguez961%2Ftrain-cat-for-enjoyable-enrichment-activities&ul=en-us&de=UTF-8&dt=Train%20Cat%20for%20Enjoyable%20Enrichment%20Activities!%20%7C%20edocr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1158840195&gjid=1999129110&cid=375196229.1638293482&tid=UA-160144-46&_gid=832637482.1638293482&_r=1&_slc=1&z=964352209
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.edocr.com/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 17:31:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.edocr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 30AB 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 30 Nov 2021 09:43:00 GMT
expires
Tue, 14 Dec 2021 09:43:00 GMT
content-type
text/html; charset=UTF-8
etag
16478831307880631077
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4883
x-xss-protection
0
age
28102
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
m06w9ap4
www.edocr.com/api-user/viewingSession/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/api-user/viewingSession/m06w9ap4?isEmbed=false
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.88.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-88-169.compute-1.amazonaws.com
Software
/ Express
Resource Hash
3d36d3312bb59105a359674cb303670013557d40f3ce44ee3f9d0634ad7ffa6d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
etag
W/"9c2-LXWtRVyZJy6LVCI47XWnfCYbRec"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
date
Tue, 30 Nov 2021 17:31:23 GMT
Connection
keep-alive
transfer-encoding
chunked
build-number
2196
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ 		270 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
921770fdb93ab19f37bce8181307c5dd44f2f5bfdf2db62872b70f6b1bd805ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 17:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99574
x-xss-protection
0
server
cafe
etag
15225778068560139962
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 30 Nov 2021 17:31:23 GMT
restrictions
www.edocr.com/pas/v2/ViewingSessions/X9uiYLq3oXRImbGl_VabSTHYNOhJDE47EdNsapsTtlOSxQ-32a0tBGeZTgecrM3ezvuzL4wrBuJ2iGw9VaJA1wMq2p8CvndkLJ3WC0iAgE3N4hyjGkW0fmEv7kVOLZkLClhBlefZ2e79lg2rbrVo85Yo2O5KCIOG... 		226 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/v2/ViewingSessions/X9uiYLq3oXRImbGl_VabSTHYNOhJDE47EdNsapsTtlOSxQ-32a0tBGeZTgecrM3ezvuzL4wrBuJ2iGw9VaJA1wMq2p8CvndkLJ3WC0iAgE3N4hyjGkW0fmEv7kVOLZkLClhBlefZ2e79lg2rbrVo85Yo2O5KCIOGj0Mt_u3SOcw/restrictions
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.88.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-88-169.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
b1ba9fa4ad8fdf667f000a62ef0aebcd3b169d9e70a0e7079072471016139c68
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accusoft-Gid
fL7KjfcKbTFLlaU9CLbVrg
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accusoft-Parent-Name
ViewerControl
Referer
https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
Accusoft-Parent-Pid
0
Accusoft-Parent-Taskid
0

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
x-powered-by
Express
transfer-encoding
chunked
Connection
keep-alive
pragma
no-cache
server
nginx
date
Tue, 30 Nov 2021 17:31:23 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
*
build-number
2196
expires
-1
0
www.edocr.com/pas/Page/q/ 		31 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/Page/q/0?DocumentID=uX9uiYLq3oXRImbGl_VabSTHYNOhJDE47EdNsapsTtlOSxQ-32a0tBGeZTgecrM3ezvuzL4wrBuJ2iGw9VaJA1wMq2p8CvndkLJ3WC0iAgE3N4hyjGkW0fmEv7kVOLZkLClhBlefZ2e79lg2rbrVo85Yo2O5KCIOGj0Mt_u3SOcw&Scale=1&ContentType=svgb
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.88.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-88-169.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
3142e33c793c23fdbd67f6eeac80929801c5de2bd3f3a535526cb075ccd39162
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accusoft-Parent-Name
ViewerControl
Referer
https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
Accusoft-Gid
FJhWsobDObQ3fX3yP1F3TQ
Accept-Language
it-IT,it;q=0.9
Accusoft-Parent-Pid
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accusoft-Parent-Taskid
0

Response headers

date
Tue, 30 Nov 2021 17:31:23 GMT
content-encoding
gzip
x-powered-by
Express
transfer-encoding
chunked
Connection
keep-alive
accusoft-data-encrypted
false
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=1209600
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'none'
access-control-allow-headers
*
build-number
2196
truncated
/ 		1 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8657baaa6b95a17c934001c3338f3cdff05bf8ce67ffe25c3b7ab53cd580241

Request headers

Referer
Origin
https://www.edocr.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
cookie.js
partner.googleadservices.com/gampad/ 		199 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.edocr.com&callback=_gfp_s_&client=ca-pub-6933461940627641
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
215c279fc46fb7b92e249f874db74acafb73b4fe8e22b6fe79f8f6cdef4927fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 17:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
188
x-xss-protection
0
integrator.js
adservice.google.it/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.it/adsid/integrator.js?domain=www.edocr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 17:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.edocr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 17:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6D71 		436 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=8628223775&adk=2306401753&adf=1981261236&pi=t.ma~as.8628223775&w=350&lmt=1638293483&psa=0&format=350x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fm06w9ap4%2Fmackenzierodriguez961%2Ftrain-cat-for-enjoyable-enrichment-activities&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638293483152&bpp=5&bdt=1310&idt=151&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=5360337485124&frm=20&pv=2&ga_vid=375196229.1638293482&ga_sid=1638293483&ga_hid=962190909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-975&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C31063737&oid=2&pvsid=970618413930526&pem=597&tmod=838272998&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AB3ZmWkhPA&p=https%3A//www.edocr.com&dtd=165
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b574160f01f916d9719671ab050e28db5daa372cc07c763e13a890aa382fa17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 30 Nov 2021 17:31:23 GMT
server
cafe
content-length
213
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 30 Nov 2021 17:31:23 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06af5417f37445c7c1f12d72159d19a385ca31fc1f83e8001201e31b2df0540d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 17:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9197
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CB06 		436 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=600&slotname=3952982610&adk=937441900&adf=3095482696&pi=t.ma~as.3952982610&w=120&lmt=1638293483&psa=0&format=120x600&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fm06w9ap4%2Fmackenzierodriguez961%2Ftrain-cat-for-enjoyable-enrichment-activities&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638293483157&bpp=1&bdt=1315&idt=168&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250&correlator=5360337485124&frm=20&pv=1&ga_vid=375196229.1638293482&ga_sid=1638293483&ga_hid=962190909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=25&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C31063737&oid=2&pvsid=970618413930526&pem=597&tmod=838272998&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8gakG94fAm&p=https%3A//www.edocr.com&dtd=171
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
685e98f6c3c5c04dafb36c78eef3f5eb1d6e7c591acc188efeb37b183fdd4df2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 30 Nov 2021 17:31:23 GMT
server
cafe
content-length
214
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 30 Nov 2021 17:31:23 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame A781 		436 B
234 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=485626509&pi=t.ma~as.4103433139&w=300&lmt=1638293483&psa=0&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fm06w9ap4%2Fmackenzierodriguez961%2Ftrain-cat-for-enjoyable-enrichment-activities&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638293483158&bpp=1&bdt=1316&idt=172&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250%2C120x600&correlator=5360337485124&frm=20&pv=1&ga_vid=375196229.1638293482&ga_sid=1638293483&ga_hid=962190909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1270&ady=185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C31063737&oid=2&pvsid=970618413930526&pem=597&tmod=838272998&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0QpJgCZXVd&p=https%3A//www.edocr.com&dtd=174
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce629f0ae8c06489fd327d747458593c1e908798f9df1f60cda294cd8bfcdc29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 30 Nov 2021 17:31:23 GMT
server
cafe
content-length
211
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 30 Nov 2021 17:31:23 GMT
cache-control
private
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fm06w9ap4%2Fmackenzierodriguez961%2Ftrain-cat-for-enjoyable-enrichment-activities&tn=DIV&cls=overlay&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 17:31:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fm06w9ap4%2Fmackenzierodriguez961%2Ftrain-cat-for-enjoyable-enrichment-activities&tn=HEADER&cls=MuiPaper-root%20MuiAppBar-root%20MuiAppBar-positionFixed%20MuiAppBar-colorPrimary%20jss2%20mui-fixed%20MuiPaper-elevation4&ign=false&pw=1600&ph=1200&x=0&y=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 17:31:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 12ED 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&adk=1812271804&adf=3025194257&lmt=1638293483&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Fm06w9ap4%2Fmackenzierodriguez961%2Ftrain-cat-for-enjoyable-enrichment-activities&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638293483177&bpp=1&bdt=1334&idt=157&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250%2C120x600%2C300x250&nras=1&correlator=5360337485124&frm=20&pv=1&ga_vid=375196229.1638293482&ga_sid=1638293483&ga_hid=962190909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C31063737&oid=2&pvsid=970618413930526&pem=597&tmod=838272998&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=161
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 30 Nov 2021 17:31:23 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 30 Nov 2021 17:31:23 GMT
cache-control
private
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 17:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 30 Nov 2021 17:31:23 GMT
truncated
/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87395b1b2a7f4a3f1054548222054bba07abf8c7ea9bd2ff5abc3d18e2b7a915

Request headers

Referer
Origin
https://www.edocr.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
Attributes
www.edocr.com/pas/Document/q/ 		41 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/Document/q/Attributes?DocumentID=uX9uiYLq3oXRImbGl_VabSTHYNOhJDE47EdNsapsTtlOSxQ-32a0tBGeZTgecrM3ezvuzL4wrBuJ2iGw9VaJA1wMq2p8CvndkLJ3WC0iAgE3N4hyjGkW0fmEv7kVOLZkLClhBlefZ2e79lg2rbrVo85Yo2O5KCIOGj0Mt_u3SOcw&DesiredPageCountConfidence=50
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.88.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-88-169.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
bcab48b3f1aadb1e6d912268c74f42e99b9df23bfc5dcecac53cfc8a3281ed44
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accusoft-Gid
d3KpHtF7iCfWc87UssAS4Q
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accusoft-Parent-Name
ViewerControl
Referer
https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
Accusoft-Parent-Pid
0
Accusoft-Parent-Taskid
0

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
vary
Accept-Encoding
server
nginx
x-powered-by
Express
transfer-encoding
chunked
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
date
Tue, 30 Nov 2021 17:31:23 GMT
Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-headers
*
build-number
2196
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8E40 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 30 Nov 2021 16:54:33 GMT
expires
Wed, 30 Nov 2022 16:54:33 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2210
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 10F6 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d203065689c7c5220911f14cf568d39852479dfa2cccdce053259f5358be4e1f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-M5efsrA79uiebdWpYpY6aA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 30 Nov 2021 17:31:23 GMT
date
Tue, 30 Nov 2021 17:31:23 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-M5efsrA79uiebdWpYpY6aA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame 8E40 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 12:27:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
18263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 12:27:00 GMT
1
www.edocr.com/pas/Page/q/ 		28 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/Page/q/1?DocumentID=uX9uiYLq3oXRImbGl_VabSTHYNOhJDE47EdNsapsTtlOSxQ-32a0tBGeZTgecrM3ezvuzL4wrBuJ2iGw9VaJA1wMq2p8CvndkLJ3WC0iAgE3N4hyjGkW0fmEv7kVOLZkLClhBlefZ2e79lg2rbrVo85Yo2O5KCIOGj0Mt_u3SOcw&Scale=1&ContentType=svgb
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.88.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-88-169.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
c97ed38748cf60ac6f01add1a0e2b57af4ab50edebe71af47af6e0482b1fa681
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accusoft-Parent-Name
ViewerControl
Referer
https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
Accusoft-Gid
KgELPlhCNBBUVBStQ6KY7w
Accept-Language
it-IT,it;q=0.9
Accusoft-Parent-Pid
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accusoft-Parent-Taskid
0

Response headers

date
Tue, 30 Nov 2021 17:31:23 GMT
content-encoding
gzip
x-powered-by
Express
transfer-encoding
chunked
Connection
keep-alive
accusoft-data-encrypted
false
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=1209600
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'none'
access-control-allow-headers
*
build-number
2196
2
www.edocr.com/pas/Page/q/ 		27 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/Page/q/2?DocumentID=uX9uiYLq3oXRImbGl_VabSTHYNOhJDE47EdNsapsTtlOSxQ-32a0tBGeZTgecrM3ezvuzL4wrBuJ2iGw9VaJA1wMq2p8CvndkLJ3WC0iAgE3N4hyjGkW0fmEv7kVOLZkLClhBlefZ2e79lg2rbrVo85Yo2O5KCIOGj0Mt_u3SOcw&Scale=1&ContentType=svgb
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.88.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-88-169.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
b95b72e7343b3b381c9cc45f77a9e1c5d5b8dfd98a183e9e478e8c287b50b2d3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accusoft-Parent-Name
ViewerControl
Referer
https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
Accusoft-Gid
26KsoMIvl4BTmJXmljnY3A
Accept-Language
it-IT,it;q=0.9
Accusoft-Parent-Pid
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accusoft-Parent-Taskid
0

Response headers

date
Tue, 30 Nov 2021 17:31:23 GMT
content-encoding
gzip
x-powered-by
Express
Connection
keep-alive
Content-Length
14449
accusoft-data-encrypted
false
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=1209600
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'none'
access-control-allow-headers
*
build-number
2196
sodar
pagead2.googlesyndication.com/pagead/ Frame 10F6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=970618413930526&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=970618413930526&bg=!l5SllNDNAAZQLpa_UC47ACkAdvg8WjPYjDfwdLHqIxXBpebxCEr0Rb6l2eZ50N8FHmpOs4I_ZprEPgIAAABpUgAAAAdoAQcKABq661XXG-fCQTh6X2L1umtdamFmjCn7n1n21JkCgf6JOFfaGZJm4-2AIzsL7varJ120VwSI9_G3A02GwMF_diTGKWoMPL-rRZOPz9xX7qcfrtruiISsvsaZZwzWKtj8HRM43tJDW1a_qk5dvf7rmCpnWZcQmGtSPL3sEatERJU9I2-pR9M2EYTHsF4WLESiol5fzizJ4Pahj0vIShw8aIjXl_xepGWLIm-VPJQhYpDxD-5f6qtIWl0ySsMrOg9N3Vv5v_e4exK0iATMwHqLelPdaAIRuDrvxG8O9Nd7dAlyssvsqtSYz2xH2zgjWkTHGkZjQmJbKHF5F9uzW3kyUgXQm3-vwoeEBJZ9E_atGz2Jf8Po6zm_U_TU8mH1_JQsos5bxslHtmO6TFgWZp1BWbcTKGJFGmGYMegaZKC-Uva_cHPsoVLP48wJGHjV54rQqIgLaYxPA8OA3TeymdPsvLiWFODmdkSEsYbDDl698N1h6AHisDxx-8RLeiWGWjsJ0j4VCcbKHmu_3YufUz1oJ1b9bY53jGXaS5VYEtGlucmRvVny2c_Q6rnNIswMIB4B_eirebuCFLhMmW-I5zAVVaJVXuBOSaQ0husIVH9VJBYljQr3XGML1OKnNOvPjOYkl4cd1NF_DjRALAmbtdDyh-Rp0BIHLud6WyI41EvtduI6WvNVHsg4Nzde5DRirXWMxWdjaxAbiXtbXDaM9BdXejvkdolhFDTKWRjZZOx8gQ9BLxL8eApDDtLrI8gaInUlZFMi8SqW8Cb-z6XAQjKBe1j3OcN00zXc7WGtV5Q8Q-49sc3AblJSfpuNGL9uw1WJ6QApbkuRInfZgPg4mljY2kSFXm0--soWVUHfbbD1Ew0Rl1E0MEm_zEbPH2ARJZK0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 17:31:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Text
www.edocr.com/pas/Document/q/0-0/ 		81 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/Document/q/0-0/Text?DocumentID=uX9uiYLq3oXRImbGl_VabSTHYNOhJDE47EdNsapsTtlOSxQ-32a0tBGeZTgecrM3ezvuzL4wrBuJ2iGw9VaJA1wMq2p8CvndkLJ3WC0iAgE3N4hyjGkW0fmEv7kVOLZkLClhBlefZ2e79lg2rbrVo85Yo2O5KCIOGj0Mt_u3SOcw
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.88.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-88-169.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
8385167a089d1c7a0074d038fdfafea990beaded561048aec3812d4a57fda6c1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accusoft-Parent-Name
ViewerControl
Accusoft-Gid
EQ39HjuTS1mVAO19TkFMUw
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json
Referer
https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
Accusoft-Parent-Pid
0
Accusoft-Parent-Taskid
0

Response headers

date
Tue, 30 Nov 2021 17:31:24 GMT
content-encoding
gzip
x-powered-by
Express
transfer-encoding
chunked
Connection
keep-alive
pragma
no-cache
accusoft-data-encrypted
false
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'none'
access-control-allow-headers
*
build-number
2196
expires
-1
Text
www.edocr.com/pas/Document/q/1-1/ 		85 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/Document/q/1-1/Text?DocumentID=uX9uiYLq3oXRImbGl_VabSTHYNOhJDE47EdNsapsTtlOSxQ-32a0tBGeZTgecrM3ezvuzL4wrBuJ2iGw9VaJA1wMq2p8CvndkLJ3WC0iAgE3N4hyjGkW0fmEv7kVOLZkLClhBlefZ2e79lg2rbrVo85Yo2O5KCIOGj0Mt_u3SOcw
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.88.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-88-169.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
dc2638ec031ab335248b3f3d2b2166584e9b10d9b75e354900ec93b4464dfb9b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accusoft-Parent-Name
ViewerControl
Accusoft-Gid
ZFErsseQeaNh7RFE7AgPyw
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json
Referer
https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
Accusoft-Parent-Pid
0
Accusoft-Parent-Taskid
0

Response headers

date
Tue, 30 Nov 2021 17:31:25 GMT
content-encoding
gzip
x-powered-by
Express
transfer-encoding
chunked
Connection
keep-alive
pragma
no-cache
accusoft-data-encrypted
false
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'none'
access-control-allow-headers
*
build-number
2196
expires
-1
Text
www.edocr.com/pas/Document/q/2-2/ 		76 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/Document/q/2-2/Text?DocumentID=uX9uiYLq3oXRImbGl_VabSTHYNOhJDE47EdNsapsTtlOSxQ-32a0tBGeZTgecrM3ezvuzL4wrBuJ2iGw9VaJA1wMq2p8CvndkLJ3WC0iAgE3N4hyjGkW0fmEv7kVOLZkLClhBlefZ2e79lg2rbrVo85Yo2O5KCIOGj0Mt_u3SOcw
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.88.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-88-169.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
1d185eeac3602c652f03aa0fcded9c64549da19e360b1d5310267c08eaee81ef
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accusoft-Parent-Name
ViewerControl
Accusoft-Gid
CNTvF8gME68PINvmFkdjig
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json
Referer
https://www.edocr.com/v/m06w9ap4/mackenzierodriguez961/train-cat-for-enjoyable-enrichment-activities
Accusoft-Parent-Pid
0
Accusoft-Parent-Taskid
0

Response headers

date
Tue, 30 Nov 2021 17:31:25 GMT
content-encoding
gzip
x-powered-by
Express
transfer-encoding
chunked
Connection
keep-alive
pragma
no-cache
accusoft-data-encrypted
false
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'none'
access-control-allow-headers
*
build-number
2196
expires
-1

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint function| setImmediate function| clearImmediate object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb object| IPCC object| PCCViewer function| setDetailsPaneVisible object| vc object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| documentInfo function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| GoogleGcLKhOms boolean| viewerReady boolean| pageFitted boolean| initialScroll

5 Cookies

Domain/Path Name / Value
.edocr.com/ Name: _ga
Value: GA1.2.375196229.1638293482
.edocr.com/ Name: _gid
Value: GA1.2.832637482.1638293482
.edocr.com/ Name: _gat
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.edocr.com/ Name: __gads
Value: ID=8b90bc273c2c2b23-220fb2bf16cc0072:T=1638293483:RT=1638293483:S=ALNI_MZMo-e-oVnbS7Wj763Lx1Q3XiTMFg

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.it
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.edocr.com
www.google-analytics.com
www.google.com
142.250.185.130
2a00:1450:4001:808::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2004
34.194.88.169
0187a824dce61314dbba2200353520dcc9c07524d8c1b91d0ac98e48061a5af7
06af5417f37445c7c1f12d72159d19a385ca31fc1f83e8001201e31b2df0540d
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
1b574160f01f916d9719671ab050e28db5daa372cc07c763e13a890aa382fa17
1d185eeac3602c652f03aa0fcded9c64549da19e360b1d5310267c08eaee81ef
215c279fc46fb7b92e249f874db74acafb73b4fe8e22b6fe79f8f6cdef4927fa
3142e33c793c23fdbd67f6eeac80929801c5de2bd3f3a535526cb075ccd39162
3d36d3312bb59105a359674cb303670013557d40f3ce44ee3f9d0634ad7ffa6d
41942011c1267b78bc2586e719b9bd9554806be500237f0be6eae58d685190ca
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
65e4e63638e9c69fe634cc25b595b20afe3e704f5eb8adf36a551e3c23a12ecf
685e98f6c3c5c04dafb36c78eef3f5eb1d6e7c591acc188efeb37b183fdd4df2
8385167a089d1c7a0074d038fdfafea990beaded561048aec3812d4a57fda6c1
87395b1b2a7f4a3f1054548222054bba07abf8c7ea9bd2ff5abc3d18e2b7a915
921770fdb93ab19f37bce8181307c5dd44f2f5bfdf2db62872b70f6b1bd805ed
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a282c187187d03788324d6edfd084820766a3ce032ae41907fdef18044a66003
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
b1ba9fa4ad8fdf667f000a62ef0aebcd3b169d9e70a0e7079072471016139c68
b8657baaa6b95a17c934001c3338f3cdff05bf8ce67ffe25c3b7ab53cd580241
b95b72e7343b3b381c9cc45f77a9e1c5d5b8dfd98a183e9e478e8c287b50b2d3
bcab48b3f1aadb1e6d912268c74f42e99b9df23bfc5dcecac53cfc8a3281ed44
c97ed38748cf60ac6f01add1a0e2b57af4ab50edebe71af47af6e0482b1fa681
ce629f0ae8c06489fd327d747458593c1e908798f9df1f60cda294cd8bfcdc29
d203065689c7c5220911f14cf568d39852479dfa2cccdce053259f5358be4e1f
dc2638ec031ab335248b3f3d2b2166584e9b10d9b75e354900ec93b4464dfb9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855