urlscan.io logo urlscan.io
SecurityTrails logo

doktox.com Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://finditfasts.com/search?q=G
Effective URL: https://doktox.com/q/index?q=G
Submission: On May 28 via api from US — Scanned from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 24 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is doktox.com.
TLS certificate: Issued by WE1 on May 17th 2025. Valid for: 3 months.
This is the only time doktox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.216.250 13335 (CLOUDFLAR...)
3 188.114.96.3 13335 (CLOUDFLAR...)
3 172.217.16.206 15169 (GOOGLE)
1 104.20.6.70 13335 (CLOUDFLAR...)
1 149.56.240.130 16276 (OVH OVH SAS)
5 142.250.186.100 15169 (GOOGLE)
1 142.250.186.110 15169 (GOOGLE)
1 142.250.184.226 15169 (GOOGLE)
4 142.250.186.78 15169 (GOOGLE)
5 142.250.185.238 15169 (GOOGLE)
24 9
1    172.67.216.250 (United States)

ASN13335 (CLOUDFLARENET, US)
finditfasts.com
3    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
doktox.com
3    172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f14.1e100.net
cse.google.com
1    104.20.6.70 (None, )

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
1    149.56.240.130 (Montreal, Canada)

ASN16276 (OVH OVH SAS, FR)
PTR: ns534298.ip-149-56-240.net
s4.histats.com
5    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
1    142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net
clients1.google.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
partner.googleadservices.com
4    142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net
syndicatedsearch.goog
5    142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net
encrypted-tbn0.gstatic.com
Apex Domain
Subdomains		 Transfer
9 google.com
cse.google.com — Cisco Umbrella Rank: 3821
www.google.com — Cisco Umbrella Rank: 9
clients1.google.com — Cisco Umbrella Rank: 797
165 KB
5 gstatic.com
encrypted-tbn0.gstatic.com
35 KB
4 syndicatedsearch.goog
syndicatedsearch.goog — Cisco Umbrella Rank: 3979
52 KB
3 doktox.com
doktox.com
5 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 6049
s4.histats.com — Cisco Umbrella Rank: 5939
5 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 4968
262 B
1 finditfasts.com
finditfasts.com
506 B
24 7
Domain Requested by
5 encrypted-tbn0.gstatic.com doktox.com
5 www.google.com cse.google.com
www.google.com
doktox.com
4 syndicatedsearch.goog cse.google.com
syndicatedsearch.goog
3 cse.google.com doktox.com
www.google.com
3 doktox.com doktox.com
1 partner.googleadservices.com cse.google.com
1 clients1.google.com doktox.com
1 s4.histats.com s10.histats.com
1 s10.histats.com doktox.com
1 finditfasts.com 1 redirects
24 10
Subject Issuer Validity Valid
doktox.com
WE1		 2025-05-17 -
2025-08-15		 3 months crt.sh
*.google.com
WE2		 2025-05-12 -
2025-08-04		 3 months crt.sh
s10.histats.com
WE1		 2025-04-15 -
2025-07-14		 3 months crt.sh
histats.com
R11		 2025-04-19 -
2025-07-18		 3 months crt.sh
*.googleadservices.com
WE2		 2025-05-12 -
2025-08-04		 3 months crt.sh
syndicatedsearch.goog
WE2		 2025-05-12 -
2025-08-04		 3 months crt.sh
*.gstatic.com
WE2		 2025-05-12 -
2025-08-04		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://doktox.com/q/index?q=G
Frame ID: 50AFB14986DD06349C3D72BC9B086A58
Requests: 20 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads/i/iframe.html
Frame ID: B0A5566EFE69FF325AFD15FB046E1FA2
Requests: 1 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads/i/iframe.html
Frame ID: 8E9BD9AFA8719787D3DDA3C772409CCA
Requests: 1 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/cse_v2/ads?adsafe=low&cx=61a70347e50e593bb&fexp=20606%2C17301431%2C17301434%2C17301435%2C17301548%2C17301266%2C72717108&client=google-coop&q=G&r=m&hl=iw&ivt=0&type=0&oe=UTF-8&ie=UTF-8&format=p4&ad=p4&nocache=4021748406526315&num=0&output=uds_ads_only&source=gcsc&v=3&bsl=10&pac=0&u_his=2&u_tz=180&dt=1748406526316&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=79&frm=0&uio=-&drt=0&jsid=csa&nfp=1&jsv=761064736&rurl=https%3A%2F%2Fdoktox.com%2Fq%2Findex%3Fq%3DG
Frame ID: B6F4685BF6282D3262BB5C139795E1AB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Search Results

Page URL History Show full URLs

  1. https://finditfasts.com/search?q=G HTTP 302
    https://doktox.com/q/index?q=G Page URL

Page Statistics

24
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

9
IPs

4
Countries

262 kB
Transfer

692 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://finditfasts.com/search?q=G HTTP 302
    https://doktox.com/q/index?q=G Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index
doktox.com/q/
Redirect Chain
  • https://finditfasts.com/search?q=G
  • https://doktox.com/q/index?q=G
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://doktox.com/q/index?q=G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
922bc69165f500a01363b8728eef1baadd8e2034c51bb6446d5a2f1338655eb1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
946b01ca4a427d9e-TLV
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 28 May 2025 04:28:44 GMT
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=0i3jM3uOe16Zf7UemBY02aEXx3CVsCD6cayAU3sx39OGPGDbWjJ9YG4y3DMtOLUTiLsMw%2Fu%2FTQLMII2HgiM5MSpuQxvdvvZWvyk%3D"}]}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
946b01c57f1d18ef-FRA
content-type
text/html; charset=UTF-8
date
Wed, 28 May 2025 04:28:44 GMT
location
https://doktox.com/q/index?q=G
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
referrer-policy
no-referrer
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=DlpIzgDaSKJrIooyBPqAk1JKxjr6wvi2yAbG4IEMnDKYF68PhHd0%2F8ofrWKA4r3CqTUdbUj1ZeNgfWsGyrWGJtFmp2hD9V1%2F15SC7Alz1g%3D%3D"}]}
server
cloudflare
vary
User-Agent
x-turbo-charged-by
LiteSpeed
cse.js
cse.google.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=61a70347e50e593bb
Requested by
Host: doktox.com
URL: https://doktox.com/q/index?q=G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
gws /
Resource Hash
e6fb8c450839963d9bcd67458658237130672d419cfbcfe8920389f16d24508b
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-LJ3R73R4jRep7oLJ-4Gekw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://doktox.com/

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-LJ3R73R4jRep7oLJ-4Gekw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
content-encoding
br
accept-ch
Downlink, RTT, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy
unload=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3264
date
Wed, 28 May 2025 04:28:45 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
gws
x-frame-options
SAMEORIGIN
pretty.css
doktox.com/q/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://doktox.com/q/pretty.css
Requested by
Host: doktox.com
URL: https://doktox.com/q/index?q=G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f67566eb6e374523a43d8a34811174e4cacf335de9c68179383a36140aef1b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://doktox.com/q/index?q=G

Response headers

content-encoding
br
cf-cache-status
HIT
etag
age
378914
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=hMU8lUeTStqncKvD2qZ4RDPCa0b2sh8Gok4O971knrwmTgMLIe0z6I%2FCUOVK%2ByPb%2FEpQNKcAeu2x1GUGXpEfA%2FRzXrqaH2ECgaI%3D"}]}
expires
Fri, 30 May 2025 19:13:30 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 28 May 2025 04:28:45 GMT
content-type
text/css
last-modified
Wed, 02 Oct 2024 02:49:41 GMT
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray
946b01cd6c7f7d9e-TLV
accept-ranges
bytes
content-length
1274
x-turbo-charged-by
LiteSpeed
server
cloudflare
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: doktox.com
URL: https://doktox.com/q/index?q=G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.6.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://doktox.com/

Response headers

cache-control
max-age=28800
content-encoding
gzip
cf-cache-status
HIT
etag
"-375139978"
age
32446
cf-ray
946b01cf1b11c21f-TLV
accept-ranges
bytes
content-length
4547
date
Wed, 28 May 2025 04:28:45 GMT
content-type
text/javascript
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
vary
Accept-Encoding
server
cloudflare
0.php
s4.histats.com/stats/ 		50 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4853812&@f16&@g1&@h1&@i1&@j1748406525344&@k0&@l1&@mSearch%20Results&@n0&@o1000&@q0&@r0&@s0&@the-IL&@u1600&@b1:-50284160&@b3:1748406525&@b4:js15_as.js&@b5:180&@a-_0.2.1&@vhttps%3A%2F%2Fdoktox.com%2Fq%2Findex%3Fq%3DG&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.130 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns534298.ip-149-56-240.net
Software
/
Resource Hash
6ff56c925fd6bc35f471037be2d2a5780a68f8d8598bd095f2d207b4cabf3f37

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://doktox.com/

Response headers

Content-Length
50
Date
Wed, 28 May 2025 04:28:45 GMT
Content-Type
text/html;charset=UTF-8
Connection
close
cse_element__he.js
www.google.com/cse/static/element/9d4779bf0a3053cc/ 		291 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/9d4779bf0a3053cc/cse_element__he.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=61a70347e50e593bb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
sffe /
Resource Hash
7a469812c158a92c86add25f649d9d9cbafc9cfcbef82e15e6a62027e7306a02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://doktox.com/

Response headers

content-encoding
gzip
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Wed, 28 May 2025 04:28:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 28 May 2025 04:28:45 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Tue, 22 Apr 2025 19:25:56 GMT
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
96744
x-xss-protection
0
server
sffe
default+he.css
www.google.com/cse/static/element/9d4779bf0a3053cc/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/9d4779bf0a3053cc/default+he.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=61a70347e50e593bb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
sffe /
Resource Hash
dade99c2080c321de219d051e4369a63ebfac8a0c53d2edb5a591df242bdf81f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://doktox.com/

Response headers

content-encoding
gzip
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Wed, 28 May 2025 04:28:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 28 May 2025 04:28:45 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Tue, 22 Apr 2025 19:25:56 GMT
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
6053
x-xss-protection
0
server
sffe
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=61a70347e50e593bb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://doktox.com/

Response headers

content-encoding
gzip
age
2094
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Wed, 28 May 2025 04:43:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 28 May 2025 03:53:51 GMT
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=3000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
1345
x-xss-protection
0
server
sffe
async-ads.js
cse.google.com/adsense/search/ 		137 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/9d4779bf0a3053cc/cse_element__he.js?usqp=CAI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
sffe /
Resource Hash
1e94bbd0ba5648e2e7ebab7c9f74fb8e439bbe2922bce17ced2e9a6c0f3b4fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://doktox.com/

Response headers

content-encoding
gzip
etag
"4409995997628529820"
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options
nosniff
expires
Wed, 28 May 2025 04:28:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 28 May 2025 04:28:46 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
link
<https://syndicatedsearch.goog>; rel="preconnect"
cache-control
private, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
x-xss-protection
0
server
sffe
clear.png
www.google.com/cse/static/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/9d4779bf0a3053cc/default+he.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.google.com/cse/static/element/9d4779bf0a3053cc/default+he.css

Response headers

age
69143
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 09:16:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:16:23 GMT
last-modified
Mon, 25 May 2020 08:30:00 GMT
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
1018
x-xss-protection
0
server
sffe
branding.png
www.google.com/cse/static/images/1x/he/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/he/branding.png
Requested by
Host: doktox.com
URL: https://doktox.com/q/index?q=G
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
sffe /
Resource Hash
802a23298f113152841ca618196cb003c66f9ca4775b866b7b48707114e46850
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://doktox.com/

Response headers

age
68569
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 09:25:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:25:57 GMT
last-modified
Thu, 07 Dec 2023 21:00:00 GMT
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
1386
x-xss-protection
0
server
sffe
v1
cse.google.com/cse/element/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse/element/v1?rsz=filtered_cse&num=10&hl=iw&source=gcsc&cselibv=9d4779bf0a3053cc&cx=61a70347e50e593bb&q=G&safe=off&cse_tok=AB-tC_7RNc0oFYnkPjsZXPeu_jcl%3A1748406525359&lr=&cr=&gl=&filter=0&sort=&as_oq=&as_sitesearch=&exp=cc%2Capo&callback=google.search.cse.api19781&rurl=https%3A%2F%2Fdoktox.com%2Fq%2Findex%3Fq%3DG
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/9d4779bf0a3053cc/cse_element__he.js?usqp=CAI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
ESF /
Resource Hash
049fcc0410dd898948f4c308c04ff84aa688ff348843ed1e781d2e78ec937c0f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2benMOSTRJq0f526da7CSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/QualityProseCsqrElementHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/QualityProseCsqrElementHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/QualityProseCsqrElementHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://doktox.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 28 May 2025 04:28:46 GMT
content-type
application/javascript; charset=utf-8
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/QualityProseCsqrElementHttp/web-reports?context=eJzj4tHikmJw05BiOLPgGqsQD8e_hbcOsgn86G-dyKhkkpRfGF9YmpiTWVJZUJRfnJpcXFiUmpOam5pXklFSUlCcWlSWWhRvZGBkamBqZKZnYBxfYAAAoYAc8A"
content-security-policy
script-src 'report-sample' 'nonce-2benMOSTRJq0f526da7CSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/QualityProseCsqrElementHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/QualityProseCsqrElementHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/QualityProseCsqrElementHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
generate_204
clients1.google.com/ 		0
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clients1.google.com/generate_204
Requested by
Host: doktox.com
URL: https://doktox.com/q/index?q=G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://doktox.com/

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 28 May 2025 04:28:46 GMT
cross-origin-resource-policy
cross-origin
cookie.js
partner.googleadservices.com/gampad/ 		374 B
262 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=doktox.com&client=google-coop&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2
Requested by
Host: cse.google.com
URL: https://cse.google.com/adsense/search/async-ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
548a1120d17a386dc1d3aaeaa51a1a4141c1f02cbe99f04f6c979bb8eedaef66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://doktox.com/

Response headers

timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
241
date
Wed, 28 May 2025 04:28:46 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
iframe.html
syndicatedsearch.goog/afs/ads/i/ Frame B0A5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndicatedsearch.goog/afs/ads/i/iframe.html
Requested by
Host: cse.google.com
URL: https://cse.google.com/adsense/search/async-ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
sffe /
Resource Hash
16793710620cf5ce017bfd73100024828ee41a94042cc8ab798d4acd27a5bb45
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-rEcDnOyrSyYZdh_wSy3MsA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://doktox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
725
content-security-policy
script-src 'nonce-rEcDnOyrSyYZdh_wSy3MsA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
date
Wed, 28 May 2025 04:28:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Tue, 17 Sep 2024 06:00:00 GMT
pragma
no-cache
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
iframe.html
syndicatedsearch.goog/afs/ads/i/ Frame 8E9B 		2 KB
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://syndicatedsearch.goog/afs/ads/i/iframe.html
Requested by
Host: cse.google.com
URL: https://cse.google.com/adsense/search/async-ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
sffe /
Resource Hash
16793710620cf5ce017bfd73100024828ee41a94042cc8ab798d4acd27a5bb45
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-rEcDnOyrSyYZdh_wSy3MsA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://doktox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-length
725
content-security-policy
script-src 'nonce-rEcDnOyrSyYZdh_wSy3MsA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
date
Wed, 28 May 2025 04:28:46 GMT
expires
Wed, 28 May 2025 04:28:46 GMT
last-modified
Tue, 17 Sep 2024 06:00:00 GMT
pragma
no-cache
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
syndicatedsearch.goog/cse_v2/ Frame B6F4 		883 B
947 B 		Document
General
Check archive.org
Download Go to
Full URL
https://syndicatedsearch.goog/cse_v2/ads?adsafe=low&cx=61a70347e50e593bb&fexp=20606%2C17301431%2C17301434%2C17301435%2C17301548%2C17301266%2C72717108&client=google-coop&q=G&r=m&hl=iw&ivt=0&type=0&oe=UTF-8&ie=UTF-8&format=p4&ad=p4&nocache=4021748406526315&num=0&output=uds_ads_only&source=gcsc&v=3&bsl=10&pac=0&u_his=2&u_tz=180&dt=1748406526316&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=79&frm=0&uio=-&drt=0&jsid=csa&nfp=1&jsv=761064736&rurl=https%3A%2F%2Fdoktox.com%2Fq%2Findex%3Fq%3DG
Requested by
Host: cse.google.com
URL: https://cse.google.com/adsense/search/async-ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
gws /
Resource Hash
1ad5f27d463e600af721fc5660713253a0cb6bc4c7252ea43a3d732d6e263ccc
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-tTqAstaMRhRkvu8bPHsQ8w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
https://doktox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ch
Downlink RTT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
br
content-length
533
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-tTqAstaMRhRkvu8bPHsQ8w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Wed, 28 May 2025 04:28:46 GMT
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
images
encrypted-tbn0.gstatic.com/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTSlNidDBNit-v9gE8ssC0SwwoSWv6N8CuPGrvvhidSVheDiSkQ1raww5A&s
Requested by
Host: doktox.com
URL: https://doktox.com/q/index?q=G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
84ec51d044b5f3ff86c1034026f54ff8be4b40dd7aaee341191af3bc8a27f8a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://doktox.com/

Response headers

age
85057
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 04:51:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 04:51:09 GMT
last-modified
Sun, 09 Nov 2025 08:51:37 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
content-length
8993
x-xss-protection
0
server
sffe
images
encrypted-tbn0.gstatic.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSszwLjY8YLEr9QGw66mhO4WpiKDU3IeJnW2q0Zl6PMZDqpbQlR9PAhvMED&s
Requested by
Host: doktox.com
URL: https://doktox.com/q/index?q=G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
8c3d484c440211dee7676effff3b5b9498cb62568ae17e38f4c6eb16fb33b97c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://doktox.com/

Response headers

report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options
nosniff
expires
Thu, 28 May 2026 04:28:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 28 May 2025 04:28:46 GMT
content-type
image/jpeg
last-modified
Sun, 08 Jun 2025 05:54:30 GMT
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
content-length
9936
x-xss-protection
0
server
sffe
images
encrypted-tbn0.gstatic.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSAmtfQYppatOr4G6OiGK5Gwkka9k7Gf0zprH_GZkSobzA9BW4GLxcr2fiY&s
Requested by
Host: doktox.com
URL: https://doktox.com/q/index?q=G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
5d10b288d63689995a20442287541db6fec89e4385fa5b9466b79450d990aebf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://doktox.com/

Response headers

report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options
nosniff
expires
Thu, 28 May 2026 04:28:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 28 May 2025 04:28:46 GMT
content-type
image/jpeg
last-modified
Sat, 28 May 2022 20:56:45 GMT
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
content-length
4226
x-xss-protection
0
server
sffe
images
encrypted-tbn0.gstatic.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcR6urR5W2-CRTeaCakCawterZXJhJkzN-1eJxoguwnx52jI7jipiR01h_on&s
Requested by
Host: doktox.com
URL: https://doktox.com/q/index?q=G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
ac650fb0013fc87d948e625cd2d8eefcdd4e6c473a965afdd5dce22948815eab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://doktox.com/

Response headers

report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options
nosniff
expires
Thu, 28 May 2026 04:28:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 28 May 2025 04:28:46 GMT
content-type
image/jpeg
last-modified
Mon, 19 May 2025 01:32:43 GMT
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
content-length
9733
x-xss-protection
0
server
sffe
images
encrypted-tbn0.gstatic.com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQjTPfXeldwNeebGaNRBUm8gI32oKL5FyP4A79LGcCRC6k7ulvGwCq13Yi0&s
Requested by
Host: doktox.com
URL: https://doktox.com/q/index?q=G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
af91824c18a7211338055155201050de261a062f39b6e3cea8c9955a0a42f3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://doktox.com/

Response headers

report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options
nosniff
expires
Thu, 28 May 2026 04:28:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 28 May 2025 04:28:46 GMT
content-type
image/jpeg
last-modified
Fri, 08 Jul 2022 08:10:20 GMT
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
content-length
2474
x-xss-protection
0
server
sffe
async-ads.js
syndicatedsearch.goog/adsense/search/ Frame B6F4 		137 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://syndicatedsearch.goog/adsense/search/async-ads.js?pac=0
Requested by
Host: syndicatedsearch.goog
URL: https://syndicatedsearch.goog/cse_v2/ads?adsafe=low&cx=61a70347e50e593bb&fexp=20606%2C17301431%2C17301434%2C17301435%2C17301548%2C17301266%2C72717108&client=google-coop&q=G&r=m&hl=iw&ivt=0&type=0&oe=UTF-8&ie=UTF-8&format=p4&ad=p4&nocache=4021748406526315&num=0&output=uds_ads_only&source=gcsc&v=3&bsl=10&pac=0&u_his=2&u_tz=180&dt=1748406526316&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=79&frm=0&uio=-&drt=0&jsid=csa&nfp=1&jsv=761064736&rurl=https%3A%2F%2Fdoktox.com%2Fq%2Findex%3Fq%3DG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
sffe /
Resource Hash
8600b3f2eecce7cc0727b4f4057cc6ecc7ff48ad7c1b873438b26b07bf184940
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://syndicatedsearch.goog/

Response headers

content-encoding
gzip
etag
"3449753484403384629"
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options
nosniff
expires
Wed, 28 May 2025 04:28:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 28 May 2025 04:28:46 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
link
<https://syndicatedsearch.goog>; rel="preconnect"
cache-control
private, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
x-xss-protection
0
server
sffe
favicon.ico
doktox.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://doktox.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://doktox.com/q/index?q=G

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
pragma
no-cache
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Nclr5zG8I17ITQ81wlOUVNFg8NgIFl2cm7m0ZEfUp%2Fn7Js44oSP7RBF5x%2ByG0xNJz75Em3muyPexSrWAu81n59uzmUsgv0sU6Z4%3D"}]}
cf-ray
946b01db0b797d95-TLV
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 28 May 2025 04:28:47 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/html
vary
User-Agent, accept-encoding
server
cloudflare
priority
u=1,i

Verdicts & Comments Add Verdict or Comment

26 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| makenicer function| myResultsReadyCallback object| __gcse function| setCookie function| getCookie function| getParam object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId number| googleNDT_ number| googleAltLoader function| __sasCookie

8 Cookies

Domain/Path Name / Value
doktox.com/ Name: HstCfa4853812
Value: 1748406525344
doktox.com/ Name: HstCla4853812
Value: 1748406525344
doktox.com/ Name: HstCmu4853812
Value: 1748406525344
doktox.com/ Name: HstPn4853812
Value: 1
doktox.com/ Name: HstPt4853812
Value: 1
doktox.com/ Name: HstCnv4853812
Value: 1
doktox.com/ Name: HstCns4853812
Value: 1
.doktox.com/ Name: __gsas
Value: ID=1ca3c2184b5aa001:T=1748406526:RT=1748406526:S=ALNI_MbfcuVgKSsXS3gnw5fF8y649LovYw

1 Console Messages

Source Level URL
Text
network error URL: https://doktox.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clients1.google.com
cse.google.com
doktox.com
encrypted-tbn0.gstatic.com
finditfasts.com
partner.googleadservices.com
s10.histats.com
s4.histats.com
syndicatedsearch.goog
www.google.com
104.20.6.70
142.250.184.226
142.250.185.238
142.250.186.100
142.250.186.110
142.250.186.78
149.56.240.130
172.217.16.206
172.67.216.250
188.114.96.3
049fcc0410dd898948f4c308c04ff84aa688ff348843ed1e781d2e78ec937c0f
16793710620cf5ce017bfd73100024828ee41a94042cc8ab798d4acd27a5bb45
1ad5f27d463e600af721fc5660713253a0cb6bc4c7252ea43a3d732d6e263ccc
1e94bbd0ba5648e2e7ebab7c9f74fb8e439bbe2922bce17ced2e9a6c0f3b4fda
1f67566eb6e374523a43d8a34811174e4cacf335de9c68179383a36140aef1b4
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
548a1120d17a386dc1d3aaeaa51a1a4141c1f02cbe99f04f6c979bb8eedaef66
5d10b288d63689995a20442287541db6fec89e4385fa5b9466b79450d990aebf
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
6ff56c925fd6bc35f471037be2d2a5780a68f8d8598bd095f2d207b4cabf3f37
7a469812c158a92c86add25f649d9d9cbafc9cfcbef82e15e6a62027e7306a02
802a23298f113152841ca618196cb003c66f9ca4775b866b7b48707114e46850
84ec51d044b5f3ff86c1034026f54ff8be4b40dd7aaee341191af3bc8a27f8a4
8600b3f2eecce7cc0727b4f4057cc6ecc7ff48ad7c1b873438b26b07bf184940
8c3d484c440211dee7676effff3b5b9498cb62568ae17e38f4c6eb16fb33b97c
922bc69165f500a01363b8728eef1baadd8e2034c51bb6446d5a2f1338655eb1
ac650fb0013fc87d948e625cd2d8eefcdd4e6c473a965afdd5dce22948815eab
af91824c18a7211338055155201050de261a062f39b6e3cea8c9955a0a42f3c0
dade99c2080c321de219d051e4369a63ebfac8a0c53d2edb5a591df242bdf81f
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6fb8c450839963d9bcd67458658237130672d419cfbcfe8920389f16d24508b