urlscan.io logo urlscan.io
SecurityTrails logo

www.edocr.com Open in urlscan Pro
54.87.180.215  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.edocr.com/v/lamr9k3l/mariquillagimpel/Dont-Fall-For-This-Minecraft-Server-Host-Scam
Effective URL: https://www.edocr.com/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam
Submission: On April 02 via manual from US — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 32 HTTP transactions. The main IP is 54.87.180.215, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.edocr.com.
TLS certificate: Issued by Amazon on April 28th 2021. Valid for: a year.
This is the only time www.edocr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

11    54.87.180.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-180-215.compute-1.amazonaws.com
www.edocr.com
13    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.es
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
tpc.googlesyndication.com — Cisco Umbrella Rank: 125
197 KB
11 edocr.com
www.edocr.com
642 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
5 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 76
www.google.com — Cisco Umbrella Rank: 7
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
20 KB
1 google.es
adservice.google.es — Cisco Umbrella Rank: 35716
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 782
644 B
32 7
Domain Requested by
11 www.edocr.com 1 redirects www.edocr.com
8 pagead2.googlesyndication.com www.edocr.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com www.edocr.com
www.google-analytics.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.es pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
32 9

This site contains no links.

Subject Issuer Validity Valid
edocr.com
Amazon		 2021-04-28 -
2022-05-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.es
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.edocr.com/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam
Frame ID: BFE6875FF2A2E7A6EFF1586A6E3CE5C4
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html
Frame ID: 224ECF297AAC3E7F32F19474F6E91AEE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=8628223775&adk=2306401753&adf=1981261236&pi=t.ma~as.8628223775&w=350&lmt=1648902003&psa=0&format=350x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Flamr9k3l%2Fmariquillagimpel%2Fdont-fall-for-this-minecraft-server-host-scam&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648902003361&bpp=5&bdt=1360&idt=288&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&abxe=1&correlator=4752331053843&frm=20&pv=2&ga_vid=793524930.1648902002&ga_sid=1648902004&ga_hid=1146301202&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-975&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31066121%2C31065722%2C31064019&oid=2&pvsid=4001748532738110&pem=288&tmod=2015831130&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=E7cirJLH8u&p=https%3A//www.edocr.com&dtd=299
Frame ID: 92E0834FA9F5721C75E5D8EA569B9D5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=600&slotname=3952982610&adk=937441900&adf=3095482696&pi=t.ma~as.3952982610&w=120&lmt=1648902003&psa=0&format=120x600&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Flamr9k3l%2Fmariquillagimpel%2Fdont-fall-for-this-minecraft-server-host-scam&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648902003366&bpp=1&bdt=1366&idt=301&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250&correlator=4752331053843&frm=20&pv=1&ga_vid=793524930.1648902002&ga_sid=1648902004&ga_hid=1146301202&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=25&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31066121%2C31065722%2C31064019&oid=2&pvsid=4001748532738110&pem=288&tmod=2015831130&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WnOCjz7uNi&p=https%3A//www.edocr.com&dtd=304
Frame ID: C82B16712CBA4BC0E68CE7443752CF28
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=485626509&pi=t.ma~as.4103433139&w=300&lmt=1648902003&psa=0&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Flamr9k3l%2Fmariquillagimpel%2Fdont-fall-for-this-minecraft-server-host-scam&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648902003366&bpp=1&bdt=1365&idt=314&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250%2C120x600&correlator=4752331053843&frm=20&pv=1&ga_vid=793524930.1648902002&ga_sid=1648902004&ga_hid=1146301202&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1270&ady=185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31066121%2C31065722%2C31064019&oid=2&pvsid=4001748532738110&pem=288&tmod=2015831130&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=y8eqUWh4D2&p=https%3A//www.edocr.com&dtd=317
Frame ID: 2C03E7B502AD333256E6204887052DE3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&adk=1812271804&adf=3025194257&lmt=1648902003&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Flamr9k3l%2Fmariquillagimpel%2Fdont-fall-for-this-minecraft-server-host-scam&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648902003384&bpp=1&bdt=1384&idt=323&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250%2C120x600%2C300x250&nras=1&correlator=4752331053843&frm=20&pv=1&ga_vid=793524930.1648902002&ga_sid=1648902004&ga_hid=1146301202&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31066121%2C31065722%2C31064019&oid=2&pvsid=4001748532738110&pem=288&tmod=2015831130&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=330
Frame ID: B557D959CC21353B734FB98D4D8F9DBA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 919D389B36377F6D860B4A4514FF15B8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 802C1D4084086635D59CF69E2F2598EF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

DonÂ’t Fall For This Minecraft Server Host Scam | edocr

Page URL History Show full URLs

  1. https://www.edocr.com/v/lamr9k3l/mariquillagimpel/Dont-Fall-For-This-Minecraft-Server-Host-Scam HTTP 302
    https://www.edocr.com/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

32
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

876 kB
Transfer

2921 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.edocr.com/v/lamr9k3l/mariquillagimpel/Dont-Fall-For-This-Minecraft-Server-Host-Scam HTTP 302
    https://www.edocr.com/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request dont-fall-for-this-minecraft-server-host-scam
www.edocr.com/v/lamr9k3l/mariquillagimpel/
Redirect Chain
  • https://www.edocr.com/v/lamr9k3l/mariquillagimpel/Dont-Fall-For-This-Minecraft-Server-Host-Scam
  • https://www.edocr.com/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.180.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-180-215.compute-1.amazonaws.com
Software
/ Express
Resource Hash
a2c2477ac118c9a23d8f9aa8be43e0351871e7a2baf1ff54635de5a28d1701ae
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accept-Language
es-ES,es;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Security-Policy
frame-ancestors 'none'
build-number
2396
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 02 Apr 2022 12:20:01 GMT
etag
W/"13cb-u9Jc62EAhVBVJOMrKYFdJx4YmH0"
transfer-encoding
chunked
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

Connection
keep-alive
Content-Length
192
Content-Security-Policy
frame-ancestors 'none'
build-number
2396
content-type
text/html; charset=utf-8
date
Sat, 02 Apr 2022 12:20:01 GMT
location
/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam
vary
Accept, Accept-Encoding
x-powered-by
Express
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		155 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f16a96d5ce67d94244d53e8a5e6aba39f864cf6e19d198d46c92ddbd35d47cd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 12:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54010
x-xss-protection
0
server
cafe
etag
7012871188488116687
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 02 Apr 2022 12:20:02 GMT
main.00f291007fc7948c83c0.css
www.edocr.com/v/static/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/v/static/main.00f291007fc7948c83c0.css
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.180.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-180-215.compute-1.amazonaws.com
Software
/ Express
Resource Hash
65e4e63638e9c69fe634cc25b595b20afe3e704f5eb8adf36a551e3c23a12ecf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none'
content-encoding
gzip
etag
W/"814-17fe62886d0"
last-modified
Fri, 01 Apr 2022 17:24:50 GMT
x-powered-by
Express
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
date
Sat, 02 Apr 2022 12:20:02 GMT
Connection
keep-alive
accept-ranges
bytes
transfer-encoding
chunked
build-number
2396
bundle.js
www.edocr.com/v/static/ 		2 MB
574 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/v/static/bundle.js
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.180.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-180-215.compute-1.amazonaws.com
Software
/ Express
Resource Hash
72f14d8e2215e79e27a647aede05143ef230e9ae8901d47e8b910d3fd42519d5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none'
content-encoding
gzip
etag
W/"20d5e5-17fe67eaccf"
last-modified
Fri, 01 Apr 2022 18:58:55 GMT
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
date
Sat, 02 Apr 2022 12:20:02 GMT
Connection
keep-alive
accept-ranges
bytes
transfer-encoding
chunked
build-number
2396
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2712
date
Sat, 02 Apr 2022 11:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 02 Apr 2022 13:34:50 GMT
collect
www.google-analytics.com/j/ 		2 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1146301202&t=pageview&_s=1&dl=https%3A%2F%2Fwww.edocr.com%2Fv%2Flamr9k3l%2Fmariquillagimpel%2Fdont-fall-for-this-minecraft-server-host-scam&ul=en-us&de=UTF-8&dt=Don%C2%92t%20Fall%20For%20This%20Minecraft%20Server%20Host%20Scam%20%7C%20edocr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1615845524&gjid=1473000423&cid=793524930.1648902002&tid=UA-160144-46&_gid=1649438978.1648902002&_r=1&_slc=1&z=374922646
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.edocr.com/
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 12:20:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.edocr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/ Frame 224E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

age
46261
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 23:29:01 GMT
etag
4044455266028820542
expires
Fri, 15 Apr 2022 23:29:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
lamr9k3l
www.edocr.com/api-user/viewingSession/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/api-user/viewingSession/lamr9k3l?isEmbed=false
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.180.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-180-215.compute-1.amazonaws.com
Software
/ Express
Resource Hash
9fef0e2571d6bc5fa784bb7b22c01ea32792cd46ef67a9162f0bcd20d4fbe21b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.edocr.com/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'none'
content-encoding
gzip
etag
W/"8e0-ySbd7kxzaiTFCtsyKpUUSXb0jmw"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
date
Sat, 02 Apr 2022 12:20:03 GMT
Connection
keep-alive
transfer-encoding
chunked
build-number
2396
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203310101/ 		301 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&bust=31066121
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69d00a244f4a88a3342b71cae196f9b4ae2af134929af5f42f028a526fed4508
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 12:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110200
x-xss-protection
0
server
cafe
etag
13675993629117626548
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 02 Apr 2022 12:20:03 GMT
restrictions
www.edocr.com/pas/v2/ViewingSessions/vK2Czp4kfsQPTnwIvBTKu9eexHvExyHipqhNclH9CcjqtJIDDihNPvviHR9Q8_2a-ao9ySeOfodwDxVgzxOAaWtWzseeNPI0Dh-wVr18cBQvpL4gm6OQKMUszHrQUvUI951wV-6tDmY2cmvZfhCApH5Y4b43Twoq... 		226 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/v2/ViewingSessions/vK2Czp4kfsQPTnwIvBTKu9eexHvExyHipqhNclH9CcjqtJIDDihNPvviHR9Q8_2a-ao9ySeOfodwDxVgzxOAaWtWzseeNPI0Dh-wVr18cBQvpL4gm6OQKMUszHrQUvUI951wV-6tDmY2cmvZfhCApH5Y4b43TwoqhRmmQK7GD58/restrictions
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.180.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-180-215.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
b1ba9fa4ad8fdf667f000a62ef0aebcd3b169d9e70a0e7079072471016139c68
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accusoft-Gid
QjHvRnejsicGK2bi9RhTbA
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accusoft-Parent-Name
ViewerControl
Referer
https://www.edocr.com/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam
Accusoft-Parent-Pid
0
Accusoft-Parent-Taskid
0

Response headers

Content-Security-Policy
frame-ancestors 'none'
content-encoding
gzip
x-powered-by
Express
transfer-encoding
chunked
Connection
keep-alive
pragma
no-cache
server
nginx
date
Sat, 02 Apr 2022 12:20:03 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
*
build-number
2396
expires
-1
0
www.edocr.com/pas/Page/q/ 		35 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/Page/q/0?DocumentID=uvK2Czp4kfsQPTnwIvBTKu9eexHvExyHipqhNclH9CcjqtJIDDihNPvviHR9Q8_2a-ao9ySeOfodwDxVgzxOAaWtWzseeNPI0Dh-wVr18cBQvpL4gm6OQKMUszHrQUvUI951wV-6tDmY2cmvZfhCApH5Y4b43TwoqhRmmQK7GD58&Scale=1&ContentType=svgb
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.180.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-180-215.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
2a586d51749a33fd0613045e6ca5f6fb249a5e2981f24a39ac5391f264f81e0a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accusoft-Parent-Name
ViewerControl
Referer
https://www.edocr.com/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam
Accusoft-Gid
6yhwfJA1eMS65mSDgT4ObA
Accept-Language
es-ES,es;q=0.9
Accusoft-Parent-Pid
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accusoft-Parent-Taskid
0

Response headers

date
Sat, 02 Apr 2022 12:20:03 GMT
content-encoding
gzip
x-powered-by
Express
transfer-encoding
chunked
Connection
keep-alive
accusoft-data-encrypted
false
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=1209600
access-control-allow-credentials
true
Content-Security-Policy
frame-ancestors 'none'
access-control-allow-headers
*
build-number
2396
truncated
/ 		1 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8657baaa6b95a17c934001c3338f3cdff05bf8ce67ffe25c3b7ab53cd580241

Request headers

Referer
Origin
https://www.edocr.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
cookie.js
partner.googleadservices.com/gampad/ 		213 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.edocr.com&callback=_gfp_s_&client=ca-pub-6933461940627641
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&bust=31066121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
fdb0d757de3f6153d1e92455d5530dde42d8785ae4f1d555b21013f9b374baf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 12:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.es/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.es/adsid/integrator.js?domain=www.edocr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&bust=31066121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Apr 2022 12:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.edocr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&bust=31066121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Apr 2022 12:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 92E0 		436 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=8628223775&adk=2306401753&adf=1981261236&pi=t.ma~as.8628223775&w=350&lmt=1648902003&psa=0&format=350x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Flamr9k3l%2Fmariquillagimpel%2Fdont-fall-for-this-minecraft-server-host-scam&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648902003361&bpp=5&bdt=1360&idt=288&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&abxe=1&correlator=4752331053843&frm=20&pv=2&ga_vid=793524930.1648902002&ga_sid=1648902004&ga_hid=1146301202&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-975&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31066121%2C31065722%2C31064019&oid=2&pvsid=4001748532738110&pem=288&tmod=2015831130&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=E7cirJLH8u&p=https%3A//www.edocr.com&dtd=299
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&bust=31066121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65f4f42100a0f5cbe359bd648a801941f8e203f9c404feb58186f129655a12e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 12:20:03 GMT
expires
Sat, 02 Apr 2022 12:20:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220330&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&bust=31066121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04e8dc8bdedf416c5736b6af9347abb9361d69b3c4a29ab8eecdfc5f0fe0da65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Apr 2022 12:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10683
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C82B 		436 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=600&slotname=3952982610&adk=937441900&adf=3095482696&pi=t.ma~as.3952982610&w=120&lmt=1648902003&psa=0&format=120x600&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Flamr9k3l%2Fmariquillagimpel%2Fdont-fall-for-this-minecraft-server-host-scam&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648902003366&bpp=1&bdt=1366&idt=301&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250&correlator=4752331053843&frm=20&pv=1&ga_vid=793524930.1648902002&ga_sid=1648902004&ga_hid=1146301202&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=25&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31066121%2C31065722%2C31064019&oid=2&pvsid=4001748532738110&pem=288&tmod=2015831130&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WnOCjz7uNi&p=https%3A//www.edocr.com&dtd=304
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&bust=31066121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95ae0b3354383c8e144b24442ad173b2304ca39fefed9d9a5abcf40b3db4c669
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 12:20:03 GMT
expires
Sat, 02 Apr 2022 12:20:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2C03 		436 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=485626509&pi=t.ma~as.4103433139&w=300&lmt=1648902003&psa=0&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Flamr9k3l%2Fmariquillagimpel%2Fdont-fall-for-this-minecraft-server-host-scam&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648902003366&bpp=1&bdt=1365&idt=314&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250%2C120x600&correlator=4752331053843&frm=20&pv=1&ga_vid=793524930.1648902002&ga_sid=1648902004&ga_hid=1146301202&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1270&ady=185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31066121%2C31065722%2C31064019&oid=2&pvsid=4001748532738110&pem=288&tmod=2015831130&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=y8eqUWh4D2&p=https%3A//www.edocr.com&dtd=317
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&bust=31066121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e2f8dc8549f1030ee758ef8cbb74f93b6695441b0960fce27e51164ff1bfd84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
214
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 12:20:03 GMT
expires
Sat, 02 Apr 2022 12:20:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f8c44e204ee99ca2422a4f94b65cbcd43d829534458c88af187c2bf453a9eca

Request headers

Referer
Origin
https://www.edocr.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Flamr9k3l%2Fmariquillagimpel%2Fdont-fall-for-this-minecraft-server-host-scam&tn=DIV&cls=overlay&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 12:20:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Flamr9k3l%2Fmariquillagimpel%2Fdont-fall-for-this-minecraft-server-host-scam&tn=HEADER&cls=MuiPaper-root%20MuiAppBar-root%20MuiAppBar-positionFixed%20MuiAppBar-colorPrimary%20jss2%20mui-fixed%20MuiPaper-elevation4&ign=false&pw=1600&ph=1200&x=0&y=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 12:20:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B557 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&adk=1812271804&adf=3025194257&lmt=1648902003&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Flamr9k3l%2Fmariquillagimpel%2Fdont-fall-for-this-minecraft-server-host-scam&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648902003384&bpp=1&bdt=1384&idt=323&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x250%2C120x600%2C300x250&nras=1&correlator=4752331053843&frm=20&pv=1&ga_vid=793524930.1648902002&ga_sid=1648902004&ga_hid=1146301202&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31066121%2C31065722%2C31064019&oid=2&pvsid=4001748532738110&pem=288&tmod=2015831130&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=330
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&bust=31066121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 12:20:03 GMT
expires
Sat, 02 Apr 2022 12:20:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Attributes
www.edocr.com/pas/Document/q/ 		41 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/Document/q/Attributes?DocumentID=uvK2Czp4kfsQPTnwIvBTKu9eexHvExyHipqhNclH9CcjqtJIDDihNPvviHR9Q8_2a-ao9ySeOfodwDxVgzxOAaWtWzseeNPI0Dh-wVr18cBQvpL4gm6OQKMUszHrQUvUI951wV-6tDmY2cmvZfhCApH5Y4b43TwoqhRmmQK7GD58&DesiredPageCountConfidence=50
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.180.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-180-215.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
e6d3c35d004dc673dcfde2897afabd8910dc3d8d64fd056913316f23885983d8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accusoft-Gid
zSr87QgUzeeRzlUXyWTNow
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accusoft-Parent-Name
ViewerControl
Referer
https://www.edocr.com/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam
Accusoft-Parent-Pid
0
Accusoft-Parent-Taskid
0

Response headers

Content-Security-Policy
frame-ancestors 'none'
content-encoding
gzip
vary
Accept-Encoding
server
nginx
x-powered-by
Express
transfer-encoding
chunked
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
date
Sat, 02 Apr 2022 12:20:03 GMT
Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-headers
*
build-number
2396
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&bust=31066121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 12:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 02 Apr 2022 12:20:04 GMT
1
www.edocr.com/pas/Page/q/ 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/Page/q/1?DocumentID=uvK2Czp4kfsQPTnwIvBTKu9eexHvExyHipqhNclH9CcjqtJIDDihNPvviHR9Q8_2a-ao9ySeOfodwDxVgzxOAaWtWzseeNPI0Dh-wVr18cBQvpL4gm6OQKMUszHrQUvUI951wV-6tDmY2cmvZfhCApH5Y4b43TwoqhRmmQK7GD58&Scale=1&ContentType=svgb
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.180.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-180-215.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
7937053a1628fc27cade764245e9190c3de3b75cc524349b769b73935cd84432
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accusoft-Parent-Name
ViewerControl
Referer
https://www.edocr.com/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam
Accusoft-Gid
plpph1B5HQajCvZ7nGUpXg
Accept-Language
es-ES,es;q=0.9
Accusoft-Parent-Pid
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accusoft-Parent-Taskid
0

Response headers

date
Sat, 02 Apr 2022 12:20:03 GMT
content-encoding
gzip
x-powered-by
Express
transfer-encoding
chunked
Connection
keep-alive
accusoft-data-encrypted
false
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=1209600
access-control-allow-credentials
true
Content-Security-Policy
frame-ancestors 'none'
access-control-allow-headers
*
build-number
2396
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 919D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges
bytes
age
13467
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 08:35:37 GMT
expires
Sun, 02 Apr 2023 08:35:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 802C 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bdbf087d142367b68ebc7f0bba990c8c24e1f9f1f42466f11b7e0f656e90c5f4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZiZljdULEiJDuDzjBSabdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-ZiZljdULEiJDuDzjBSabdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 12:20:04 GMT
expires
Sat, 02 Apr 2022 12:20:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
FyXTnIqgf3MR1shnyKQtc5k9nN1KItMFAbgv4xYT2II.js
pagead2.googlesyndication.com/bg/ Frame 919D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FyXTnIqgf3MR1shnyKQtc5k9nN1KItMFAbgv4xYT2II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1725d39c8aa07f7311d6c867c8a42d73993d9cdd4a22d30501b82fe31613d882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 11:27:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
3166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13680
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 02 Apr 2023 11:27:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 802C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220330&jk=4001748532738110&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 919D 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?z6MdDw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 12:20:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
Text
www.edocr.com/pas/Document/q/0-0/ 		95 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/Document/q/0-0/Text?DocumentID=uvK2Czp4kfsQPTnwIvBTKu9eexHvExyHipqhNclH9CcjqtJIDDihNPvviHR9Q8_2a-ao9ySeOfodwDxVgzxOAaWtWzseeNPI0Dh-wVr18cBQvpL4gm6OQKMUszHrQUvUI951wV-6tDmY2cmvZfhCApH5Y4b43TwoqhRmmQK7GD58
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.180.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-180-215.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
e2c5540f9540976dac62b51e6a3af9229db1e267fda5c41a4cf112c9d046adfa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accusoft-Parent-Name
ViewerControl
Accusoft-Gid
1GRHb6m02TTWY7WqGsSYJg
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json
Referer
https://www.edocr.com/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam
Accusoft-Parent-Pid
0
Accusoft-Parent-Taskid
0

Response headers

date
Sat, 02 Apr 2022 12:20:04 GMT
content-encoding
gzip
x-powered-by
Express
transfer-encoding
chunked
Connection
keep-alive
pragma
no-cache
accusoft-data-encrypted
false
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
Content-Security-Policy
frame-ancestors 'none'
access-control-allow-headers
*
build-number
2396
expires
-1
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220330&jk=4001748532738110&bg=!8_Cl8LTNAAZku-1yRLs7ACkAdvg8Wv3ikFWEQf0y_S447HLy_4koAtNH8ZqJ3z5Mn_9kmD3G7Mo4nwIAAABWUgAAAANoAQeZAqTjj_vVhsqiZMMQJR4c_oWUsIxIZbb8zh6rddy9PE-SXfZD4GaAYOLpUu9k_tfvodxaDyhnCLPgYZLiomhh3ZYI-SlBXNw5VUl0iogJt9o0KqrFeD2p8isJjyOMGDIaY2oiwrcT3eU_4AwXG4YYkgFUB1cZ1nNhFwhe6DxkcQyBLNFUk89LMoS3-ihTG2Pr37IdwIgPHsUF2zR5e3f9RYidWrixZZPLGcz0r9FSed-Y3qFmD6yj6ordcP8_tw330RnHAfgqV_U02eSE53XY6XAK7KstgaF6Fi4XfPZcsqzLaoWwqwKyJWwumu76UFx7OqzxMPsKwL3mD1F6fLqxSo5E0-dJS1FJpMM8M0phnrh0MNc1tjXv4ta4dh0C_YO9_sF3O5_KP1f4BCbcKjVR3fWKxOdd7IF5wxB1hHYcTNEAXjhGgGSRdwFzc59zzywmvViAdYnHjDtnNQta8DwtOGiBSxIi5ZVv5_KMAVCSOhfoGz-Gkgk8stF7zRPRTIxmjGIN_4XWIJMWYQhv3obJaLfDnwLvtmniBVX-OCVNw8HE03bHVohG7YEr9a-NLl-NI3-HkOMb94KFLrPMNWst-mKPUnuKs4TWd8ICzLs0GqAF_txqtuMxDwFv1oVYCQggJxzQwn8Uoc0NoPsaD6HlHEOrsafFFacJOAENDzzn8IY7LdjVgEbkBoke8S6fjjgtdjYWtoMICJfSoOwRItOhWDGafLuuREDHuXHoP5Y3l2UEAo7XeuHQZ26EmkmgbebcgXMnitQ7bWAXs_avuzu5EoDlsrSnzeiQWyAx-W-JAXy_d4UVR0OBuGyi9uodj6Jq0C1qJD3nInCk9n4zMVUYnVpFALmZSfn7h7V-6ZZ6lNZGSrgF4B46lWOxc7FVXIlsJ6c2d9V1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 12:20:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c39b8da49b4b191f00365068d8401cc38c6747b58dbb1a7f5aab9601504e201f

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Text
www.edocr.com/pas/Document/q/1-1/ 		53 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.edocr.com/pas/Document/q/1-1/Text?DocumentID=uvK2Czp4kfsQPTnwIvBTKu9eexHvExyHipqhNclH9CcjqtJIDDihNPvviHR9Q8_2a-ao9ySeOfodwDxVgzxOAaWtWzseeNPI0Dh-wVr18cBQvpL4gm6OQKMUszHrQUvUI951wV-6tDmY2cmvZfhCApH5Y4b43TwoqhRmmQK7GD58
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.180.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-180-215.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
d3469ac6a73fe69627c40484a9668fbecc29364890277cbd26e651166dcaa2a5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accusoft-Parent-Name
ViewerControl
Accusoft-Gid
AGw3JDAtzhYovuoj8OKVdQ
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json
Referer
https://www.edocr.com/v/lamr9k3l/mariquillagimpel/dont-fall-for-this-minecraft-server-host-scam
Accusoft-Parent-Pid
0
Accusoft-Parent-Taskid
0

Response headers

date
Sat, 02 Apr 2022 12:20:05 GMT
content-encoding
gzip
x-powered-by
Express
transfer-encoding
chunked
Connection
keep-alive
pragma
no-cache
accusoft-data-encrypted
false
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
Content-Security-Policy
frame-ancestors 'none'
access-control-allow-headers
*
build-number
2396
expires
-1

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint function| setImmediate function| clearImmediate object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb object| IPCC object| PCCViewer function| setDetailsPaneVisible object| vc object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| documentInfo function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests boolean| viewerReady boolean| pageFitted boolean| initialScroll object| GoogleGcLKhOms

5 Cookies

Domain/Path Name / Value
.edocr.com/ Name: _ga
Value: GA1.2.793524930.1648902002
.edocr.com/ Name: _gid
Value: GA1.2.1649438978.1648902002
.edocr.com/ Name: _gat
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.edocr.com/ Name: __gads
Value: ID=967dc3f38104183a-22bb5c216acd00a3:T=1648902003:RT=1648902003:S=ALNI_MbMGHvgFDedFoIYtwUEZM4EO59P-g

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.es
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.edocr.com
www.google-analytics.com
www.google.com
142.250.74.194
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
54.87.180.215
04e8dc8bdedf416c5736b6af9347abb9361d69b3c4a29ab8eecdfc5f0fe0da65
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
1725d39c8aa07f7311d6c867c8a42d73993d9cdd4a22d30501b82fe31613d882
1e2f8dc8549f1030ee758ef8cbb74f93b6695441b0960fce27e51164ff1bfd84
2a586d51749a33fd0613045e6ca5f6fb249a5e2981f24a39ac5391f264f81e0a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65e4e63638e9c69fe634cc25b595b20afe3e704f5eb8adf36a551e3c23a12ecf
65f4f42100a0f5cbe359bd648a801941f8e203f9c404feb58186f129655a12e9
69d00a244f4a88a3342b71cae196f9b4ae2af134929af5f42f028a526fed4508
6f8c44e204ee99ca2422a4f94b65cbcd43d829534458c88af187c2bf453a9eca
72f14d8e2215e79e27a647aede05143ef230e9ae8901d47e8b910d3fd42519d5
7937053a1628fc27cade764245e9190c3de3b75cc524349b769b73935cd84432
95ae0b3354383c8e144b24442ad173b2304ca39fefed9d9a5abcf40b3db4c669
9fef0e2571d6bc5fa784bb7b22c01ea32792cd46ef67a9162f0bcd20d4fbe21b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2c2477ac118c9a23d8f9aa8be43e0351871e7a2baf1ff54635de5a28d1701ae
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b1ba9fa4ad8fdf667f000a62ef0aebcd3b169d9e70a0e7079072471016139c68
b8657baaa6b95a17c934001c3338f3cdff05bf8ce67ffe25c3b7ab53cd580241
bdbf087d142367b68ebc7f0bba990c8c24e1f9f1f42466f11b7e0f656e90c5f4
c39b8da49b4b191f00365068d8401cc38c6747b58dbb1a7f5aab9601504e201f
d3469ac6a73fe69627c40484a9668fbecc29364890277cbd26e651166dcaa2a5
e2c5540f9540976dac62b51e6a3af9229db1e267fda5c41a4cf112c9d046adfa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d3c35d004dc673dcfde2897afabd8910dc3d8d64fd056913316f23885983d8
f16a96d5ce67d94244d53e8a5e6aba39f864cf6e19d198d46c92ddbd35d47cd9
fdb0d757de3f6153d1e92455d5530dde42d8785ae4f1d555b21013f9b374baf3