URL: https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
Submission: On June 09 via manual from DK

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 28 HTTP transactions. The main IP is 3.222.244.201, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.edocr.com.
TLS certificate: Issued by Amazon on April 28th 2021. Valid for: a year.
This is the only time www.edocr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
8 www.edocr.com www.edocr.com
7 pagead2.googlesyndication.com www.edocr.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com www.edocr.com
www.google-analytics.com
1 www.google.com tpc.googlesyndication.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
28 10

This site contains no links.

Subject Issuer Validity Valid
edocr.com
Amazon
2021-04-28 -
2022-05-27
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-05-10 -
2021-08-02
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-05-10 -
2021-08-02
3 months crt.sh
*.google.com
GTS CA 1O1
2021-05-10 -
2021-08-02
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-05-10 -
2021-08-02
3 months crt.sh
www.google.com
GTS CA 1C3
2021-05-10 -
2021-08-02
3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
Frame ID: C204B9ED131894D660CF3C52D058D5F4
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html
Frame ID: 156528A67BD389F02B27645A268CB451
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=600&slotname=3952982610&adk=937441900&adf=750878660&pi=t.ma~as.3952982610&w=120&lmt=1623254018&psa=0&format=120x600&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Frov6nd6b%2Famyellis-taylor%2Fjay-ashall-partnership&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623254017920&bpp=4&bdt=1155&idt=102&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=1474587470651&frm=20&pv=2&ga_vid=941691906.1623254017&ga_sid=1623254018&ga_hid=685973119&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=25&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31060840&oid=3&pvsid=3996553106971381&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1k97gPvuP5&p=https%3A//www.edocr.com&dtd=118
Frame ID: 537D7BE0B317CA2DD02705FD536E637E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=2030016460&pi=t.ma~as.4103433139&w=300&lmt=1623254018&psa=0&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Frov6nd6b%2Famyellis-taylor%2Fjay-ashall-partnership&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623254017925&bpp=1&bdt=1160&idt=126&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=120x600&correlator=1474587470651&frm=20&pv=1&ga_vid=941691906.1623254017&ga_sid=1623254018&ga_hid=685973119&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1270&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31060840&oid=3&pvsid=3996553106971381&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MNkGKQMJQK&p=https%3A//www.edocr.com&dtd=131
Frame ID: 173801FBE4FEEF3B47E979D1D8D6690D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&adk=1812271804&adf=3025194257&lmt=1623254018&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Frov6nd6b%2Famyellis-taylor%2Fjay-ashall-partnership&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623254017974&bpp=2&bdt=1209&idt=89&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=120x600%2C300x250&nras=1&correlator=1474587470651&frm=20&pv=1&ga_vid=941691906.1623254017&ga_sid=1623254018&ga_hid=685973119&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31060840&oid=3&pvsid=3996553106971381&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=94
Frame ID: BFBFE3C0FA0BB60963DA3FD4739D0043
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 8452ACB6D387B385FDBDCBB46347FF64
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 41E601810F5FC4C571E2DBA477499F14
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

28
Requests

100 %
HTTPS

80 %
IPv6

8
Domains

10
Subdomains

11
IPs

2
Countries

823 kB
Transfer

2710 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request jay-ashall-partnership
www.edocr.com/v/rov6nd6b/amyellis-taylor/
3 KB
2 KB
Document
General
Full URL
https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.244.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-244-201.compute-1.amazonaws.com
Software
/ Express
Resource Hash
feb8b1eade85bfb91818ee0d49f6f5c4f7f3079c7ecce361557d0c6928c2bf80
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Request headers

Host
www.edocr.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

build-number
2087
content-encoding
gzip
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Wed, 09 Jun 2021 15:53:36 GMT
etag
W/"bfb-Ggrb+76VOkmXRVKY5AdzzZTQa+A"
vary
Accept-Encoding
X-Content-Type-Options
nosniff
x-powered-by
Express
transfer-encoding
chunked
Connection
keep-alive
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
134 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b02bc154b9b7cdb8acfa94aee22a017eada2b408f8bd3ecedfa22c9a3d1f6a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 15:53:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48308
x-xss-protection
0
server
cafe
etag
17755288566060132524
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 09 Jun 2021 15:53:36 GMT
main.00f291007fc7948c83c0.css
www.edocr.com/v/static/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.edocr.com/v/static/main.00f291007fc7948c83c0.css
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.244.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-244-201.compute-1.amazonaws.com
Software
/ Express
Resource Hash
65e4e63638e9c69fe634cc25b595b20afe3e704f5eb8adf36a551e3c23a12ecf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.edocr.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
Connection
keep-alive
Referer
https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
X-Content-Type-Options
nosniff
last-modified
Fri, 04 Jun 2021 20:37:04 GMT
x-powered-by
Express
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
date
Wed, 09 Jun 2021 15:53:36 GMT
Connection
keep-alive
accept-ranges
bytes
transfer-encoding
chunked
etag
W/"814-179d8be5980"
build-number
2087
bundle.js
www.edocr.com/v/static/
2 MB
559 KB
Script
General
Full URL
https://www.edocr.com/v/static/bundle.js
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.244.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-244-201.compute-1.amazonaws.com
Software
/ Express
Resource Hash
026e2bb99bffa28f8904e44809f6766b5a66690c1d3d1429f36ec56efbf12ce8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.edocr.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
Connection
keep-alive
Referer
https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
X-Content-Type-Options
nosniff
last-modified
Fri, 04 Jun 2021 21:08:57 GMT
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
date
Wed, 09 Jun 2021 15:53:36 GMT
Connection
keep-alive
accept-ranges
bytes
transfer-encoding
chunked
etag
W/"2011d8-179d8db8c83"
build-number
2087
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
884
date
Wed, 09 Jun 2021 15:38:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 09 Jun 2021 17:38:52 GMT
collect
www.google-analytics.com/j/
2 B
30 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=685973119&t=pageview&_s=1&dl=https%3A%2F%2Fwww.edocr.com%2Fv%2Frov6nd6b%2Famyellis-taylor%2Fjay-ashall-partnership&ul=en-us&de=UTF-8&dt=Jay%20Ashall%20Partnership%20%7C%20edocr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=367924284&gjid=1780004013&cid=941691906.1623254017&tid=UA-160144-46&_gid=789804536.1623254017&_r=1&_slc=1&z=286831337
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 15:53:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.edocr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/ Frame 1565
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210607/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.edocr.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.edocr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 08 Jun 2021 20:40:48 GMT
expires
Tue, 22 Jun 2021 20:40:48 GMT
content-type
text/html; charset=UTF-8
etag
3869991350818612685
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4515
x-xss-protection
0
cache-control
public, max-age=1209600
age
69168
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rov6nd6b
www.edocr.com/api-user/viewingSession/
2 KB
1 KB
XHR
General
Full URL
https://www.edocr.com/api-user/viewingSession/rov6nd6b?isEmbed=false
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.244.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-244-201.compute-1.amazonaws.com
Software
/ Express
Resource Hash
623471f9133c6e66c4c5ff1813c90bf38f22b67a516b64c990100de63a4e61d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.edocr.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
Cookie
_ga=GA1.2.941691906.1623254017; _gid=GA1.2.789804536.1623254017; _gat=1
Connection
keep-alive
Accept
application/json, text/plain, */*
Referer
https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
X-Content-Type-Options
nosniff
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
date
Wed, 09 Jun 2021 15:53:37 GMT
Connection
keep-alive
transfer-encoding
chunked
etag
W/"787-jpMrNC/oJL+LFzd/h91WTy4d064"
build-number
2087
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/
231 KB
85 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
707df6884f2bb0cc5f7ab83b77128324cb16418856afcf5d5731d934d297fe13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 15:53:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87427
x-xss-protection
0
server
cafe
etag
18285230650351733317
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 09 Jun 2021 15:53:37 GMT
restrictions
www.edocr.com/pas/v2/ViewingSessions/9hgS1tqYkx8MWCwTBGmACw/
226 B
622 B
XHR
General
Full URL
https://www.edocr.com/pas/v2/ViewingSessions/9hgS1tqYkx8MWCwTBGmACw/restrictions
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.244.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-244-201.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
b1ba9fa4ad8fdf667f000a62ef0aebcd3b169d9e70a0e7079072471016139c68
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Accusoft-Parent-Pid
0
Accusoft-Parent-Name
ViewerControl
Sec-Fetch-Dest
empty
Cookie
_ga=GA1.2.941691906.1623254017; _gid=GA1.2.789804536.1623254017; _gat=1
Connection
keep-alive
Accusoft-Gid
yKlcG5W1YX0nDUNi8Q7NWg
Pragma
no-cache
Host
www.edocr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
*/*
Cache-Control
no-cache
Referer
https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
Sec-Fetch-Site
same-origin
Accusoft-Parent-Taskid
0
Accusoft-Parent-Name
ViewerControl
Referer
https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
Accusoft-Gid
yKlcG5W1YX0nDUNi8Q7NWg
Accusoft-Parent-Pid
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accusoft-Parent-Taskid
0
Content-Type
application/json

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
X-Content-Type-Options
nosniff
server
nginx
access-control-allow-headers
*
x-powered-by
Express
transfer-encoding
chunked
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
date
Wed, 09 Jun 2021 15:53:38 GMT
Connection
keep-alive
access-control-allow-credentials
true
vary
Accept-Encoding
build-number
2087
0
www.edocr.com/pas/Page/q/
61 KB
32 KB
XHR
General
Full URL
https://www.edocr.com/pas/Page/q/0?DocumentID=u9hgS1tqYkx8MWCwTBGmACw&Scale=1&ContentType=svgb
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.244.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-244-201.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
b1e9838481b7a7abe32b7e481841e026f745351b1d578f290e1961c3d8e2711d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Accusoft-Parent-Pid
0
Accusoft-Parent-Name
ViewerControl
Sec-Fetch-Dest
empty
Cookie
_ga=GA1.2.941691906.1623254017; _gid=GA1.2.789804536.1623254017; _gat=1
Connection
keep-alive
Accusoft-Gid
kaXPiEwHhGOzz1NasDZK5g
Pragma
no-cache
Host
www.edocr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
Sec-Fetch-Site
same-origin
Accusoft-Parent-Taskid
0
Accusoft-Parent-Name
ViewerControl
Referer
https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
Accusoft-Gid
kaXPiEwHhGOzz1NasDZK5g
Accusoft-Parent-Pid
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accusoft-Parent-Taskid
0

Response headers

date
Wed, 09 Jun 2021 15:53:38 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
x-powered-by
Express
transfer-encoding
chunked
Connection
keep-alive
accusoft-data-encrypted
false
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'none'
access-control-allow-headers
*
build-number
2087
truncated
/
1 KB
1 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8657baaa6b95a17c934001c3338f3cdff05bf8ce67ffe25c3b7ab53cd580241

Request headers

Origin
https://www.edocr.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
cookie.js
partner.googleadservices.com/gampad/
199 B
638 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.edocr.com&callback=_gfp_s_&client=ca-pub-6933461940627641
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
3d7e31ccd8b7de78c24d39793377e4b0843016d68c7f3af7a6301b43b90ea398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 15:53:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
189
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
313 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.edocr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 15:53:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
313 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.edocr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 15:53:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 537D
436 B
235 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=600&slotname=3952982610&adk=937441900&adf=750878660&pi=t.ma~as.3952982610&w=120&lmt=1623254018&psa=0&format=120x600&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Frov6nd6b%2Famyellis-taylor%2Fjay-ashall-partnership&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623254017920&bpp=4&bdt=1155&idt=102&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=1474587470651&frm=20&pv=2&ga_vid=941691906.1623254017&ga_sid=1623254018&ga_hid=685973119&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=25&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31060840&oid=3&pvsid=3996553106971381&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1k97gPvuP5&p=https%3A//www.edocr.com&dtd=118
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46260caa4081511656ea0bede52669b10bcb9640618c1825d63327cd7b524018
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6933461940627641&output=html&h=600&slotname=3952982610&adk=937441900&adf=750878660&pi=t.ma~as.3952982610&w=120&lmt=1623254018&psa=0&format=120x600&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Frov6nd6b%2Famyellis-taylor%2Fjay-ashall-partnership&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623254017920&bpp=4&bdt=1155&idt=102&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=1474587470651&frm=20&pv=2&ga_vid=941691906.1623254017&ga_sid=1623254018&ga_hid=685973119&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=25&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31060840&oid=3&pvsid=3996553106971381&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1k97gPvuP5&p=https%3A//www.edocr.com&dtd=118
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.edocr.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.edocr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 09 Jun 2021 15:53:38 GMT
server
cafe
content-length
212
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 09-Jun-2021 16:08:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 09 Jun 2021 15:53:38 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/
10 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210607&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53c12a2f0e9d208720ee12c008994a3c24d67afd29c2739a1e3fa7de91143dcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 15:53:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7929
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 15:53:38 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623066164336645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28149
x-xss-protection
0
expires
Wed, 09 Jun 2021 15:53:38 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1738
436 B
236 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=2030016460&pi=t.ma~as.4103433139&w=300&lmt=1623254018&psa=0&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Frov6nd6b%2Famyellis-taylor%2Fjay-ashall-partnership&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623254017925&bpp=1&bdt=1160&idt=126&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=120x600&correlator=1474587470651&frm=20&pv=1&ga_vid=941691906.1623254017&ga_sid=1623254018&ga_hid=685973119&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1270&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31060840&oid=3&pvsid=3996553106971381&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MNkGKQMJQK&p=https%3A//www.edocr.com&dtd=131
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b505c901f0c2ac0e178f1663b5ee2c562aabb756ca188d8321dd9af874334ba7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6933461940627641&output=html&h=250&slotname=4103433139&adk=402904232&adf=2030016460&pi=t.ma~as.4103433139&w=300&lmt=1623254018&psa=0&format=300x250&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Frov6nd6b%2Famyellis-taylor%2Fjay-ashall-partnership&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623254017925&bpp=1&bdt=1160&idt=126&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=120x600&correlator=1474587470651&frm=20&pv=1&ga_vid=941691906.1623254017&ga_sid=1623254018&ga_hid=685973119&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1270&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31060840&oid=3&pvsid=3996553106971381&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MNkGKQMJQK&p=https%3A//www.edocr.com&dtd=131
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.edocr.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.edocr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 09 Jun 2021 15:53:38 GMT
server
cafe
content-length
213
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 09-Jun-2021 16:08:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 09 Jun 2021 15:53:38 GMT
cache-control
private
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Frov6nd6b%2Famyellis-taylor%2Fjay-ashall-partnership&tn=DIV&cls=overlay&ign=false
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 15:53:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Frov6nd6b%2Famyellis-taylor%2Fjay-ashall-partnership&tn=HEADER&cls=MuiPaper-root%20MuiAppBar-root%20MuiAppBar-positionFixed%20MuiAppBar-colorPrimary%20jss2%20mui-fixed%20MuiPaper-elevation4&ign=false
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 15:53:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame BFBF
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6933461940627641&output=html&adk=1812271804&adf=3025194257&lmt=1623254018&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Frov6nd6b%2Famyellis-taylor%2Fjay-ashall-partnership&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623254017974&bpp=2&bdt=1209&idt=89&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=120x600%2C300x250&nras=1&correlator=1474587470651&frm=20&pv=1&ga_vid=941691906.1623254017&ga_sid=1623254018&ga_hid=685973119&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31060840&oid=3&pvsid=3996553106971381&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=94
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6933461940627641&output=html&adk=1812271804&adf=3025194257&lmt=1623254018&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.edocr.com%2Fv%2Frov6nd6b%2Famyellis-taylor%2Fjay-ashall-partnership&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623254017974&bpp=2&bdt=1209&idt=89&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=120x600%2C300x250&nras=1&correlator=1474587470651&frm=20&pv=1&ga_vid=941691906.1623254017&ga_sid=1623254018&ga_hid=685973119&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C31060840&oid=3&pvsid=3996553106971381&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=94
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.edocr.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.edocr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 09 Jun 2021 15:53:38 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 09-Jun-2021 16:08:38 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 09 Jun 2021 15:53:38 GMT
cache-control
private
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6933461940627641&plah=www.edocr.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 15:53:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622653785071769"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 09 Jun 2021 15:53:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 8452
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/223/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.edocr.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.edocr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 09 Jun 2021 15:31:48 GMT
expires
Thu, 09 Jun 2022 15:31:48 GMT
last-modified
Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1310
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 41E6
783 B
778 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
81b8fb61977b519409ffd3cd929ebd4dfd4bde2ee7ac619d38cc289ee41c58ff
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UCplqnqqsyqCLWwvSNJwgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.edocr.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.edocr.com/

Response headers

expires
Wed, 09 Jun 2021 15:53:38 GMT
date
Wed, 09 Jun 2021 15:53:38 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-UCplqnqqsyqCLWwvSNJwgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
510
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
pagead2.googlesyndication.com/bg/ Frame 8452
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 15:26:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
1617
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5751
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jun 2022 15:26:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210607&jk=3996553106971381&bg=!4OOl46fNAAY6sG-_OrA7ACkAdvg8WrUnm-DeC5anofFvoEIY75Nb0hznxEvbnS6XYVLqC6A5qkihsQIAAABiUgAAAAxoAQcKANMTLb0bESH--o75LTtVQiks0nP4hdnR0kZmhOBfBAiEXCPKb_EUqBfDL5iWjCx1lrNmyEmWo431q1-AhQJKIQhaOWFJlHwrumW2bRRc8hYbN2FoLWokyf3yXu1q2KE1n1m3PJoXfNwxTjjwLM1GhKiywMA2y-eK6ZuxQ_pDx4KgpIsMmEScNiJHUI2pkOf17SDEsoyLRddierebpyT9TEeGt0mewGtCvtsDX8cARpXByCkw8hmBmSYKG5gcHRmF1NfEAfLmDYOpJP7lro0tU8teN4lGmQJ32YQE0wsmLv2FeTm9mIL2SJ0JlHoLDPhEwDZkrR55IJuWcx0DUpwk3CsGOccWtLycObXZtuZv5naz9OSRhzczDQHTkz5KFWHeF7Dq2bsfiejjPSkGlTO8uNOoRRz8GMYbkmvk1gADt6JWodv4Y7rZX2guke28p_cfjHQI73QTHqxEYSF6y6Ab_8ohYvyRio3d1HYOqkdV4l61NoOpNiJ6vo7nCLIGNFu8XIMDxEM8iCbuQeJTh7ybZ7nVQKdtvPawOWhCk3LTPXyc5698CiZIcS3ruEP61pgPdhRDmHPSdxKIWTOs68fjZYyOIWMrlKEPIh7fJvg6bk9fo2Clp3LeLt1iL5jIs1_-ylU7Tq4cwTHqGwmB4ZtskfWO8l7Bp5U_-6ypHSkPAZZWN8vrsOGT5GM62zoe8iKswKzVtPZ-ufooJdhcYDn-H6iF2zFwU-SlM3l7JdLkYB477vkBGruiMRnTfpq4KctkbOAnruTTh1bdP4ifi_8WwRQYBYEvpXufaINy8MfmItdYLUO8JOLf_zMXax3QQFf5O06bJobqETHa1Ne1EVygJcftsTuUqSpcbH9mhAMgREeqrBLQpdPotYyWjhHWidX19-S0Et2d4Ad7uXMVBjRcdqzkRFNPaJEvzApexOVJ_TAOhM71WELFIEyQxeDSLENtteLH1JY250IxkCD7Ax3-h617a4ZP3rTuw87uy3ysxY0RU-tCmxo8E3lCI1zsehY5RP5svqmqxsJwVGb00Ti5il0ZXY50VZsxTXBGAlcORJk6DFWApdT1qs86fe8Bw3IjdLxGngyr5gmTTrviH_MualQpiUPd6Bww5ebEsjNViQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edocr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 15:53:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43c75ff34bb3f1a04d0080e7ec7bf1fb072861058fa74438e9b7351ad4d573a5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07af594c7db6b285ea48b63d240caa620915d862ebbbee83f911475567d0d234

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
11 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aada68fee962c48df704b9298574b83bb8e6ceb571fde83cc87d48a49c4d6080

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Attributes
www.edocr.com/pas/Document/q/
41 B
531 B
XHR
General
Full URL
https://www.edocr.com/pas/Document/q/Attributes?DocumentID=u9hgS1tqYkx8MWCwTBGmACw&DesiredPageCountConfidence=50
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.244.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-244-201.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
db8483df46939e49776f18e2b3166a60f9703cb8cda142a0305b0402aca1af12
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Accusoft-Parent-Pid
0
Accusoft-Parent-Name
ViewerControl
Sec-Fetch-Dest
empty
Connection
keep-alive
Accusoft-Gid
R7c0jeIcs9cpnrJu4bQoZw
Pragma
no-cache
Host
www.edocr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
*/*
Cache-Control
no-cache
Referer
https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
Sec-Fetch-Site
same-origin
Accusoft-Parent-Taskid
0
Accusoft-Parent-Name
ViewerControl
Referer
https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
Accusoft-Gid
R7c0jeIcs9cpnrJu4bQoZw
Accusoft-Parent-Pid
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accusoft-Parent-Taskid
0
Content-Type
application/json

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
X-Content-Type-Options
nosniff
server
nginx
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
date
Wed, 09 Jun 2021 15:53:38 GMT
Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-headers
*
Content-Length
58
build-number
2087
truncated
/
11 KB
11 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53a848a014674e1fe27368755dace3ada8f81e00387e651515b809e28a4dc692

Request headers

Origin
https://www.edocr.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
Text
www.edocr.com/pas/Document/q/0-0/
9 KB
3 KB
XHR
General
Full URL
https://www.edocr.com/pas/Document/q/0-0/Text?DocumentID=u9hgS1tqYkx8MWCwTBGmACw
Requested by
Host: www.edocr.com
URL: https://www.edocr.com/v/static/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.244.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-244-201.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
e071e6c581f9466b65d6bea7095705ac3b1a67c708f059cea53648f236fa72f6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Accusoft-Parent-Pid
0
Accusoft-Parent-Name
ViewerControl
Sec-Fetch-Dest
empty
Connection
keep-alive
Accusoft-Gid
4Yp26P7Ci5KGCNHtudJhpQ
Pragma
no-cache
Host
www.edocr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json
Cache-Control
no-cache
Referer
https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
Sec-Fetch-Site
same-origin
Accusoft-Parent-Taskid
0
accept
application/json
Referer
https://www.edocr.com/v/rov6nd6b/amyellis-taylor/jay-ashall-partnership
Accusoft-Parent-Name
ViewerControl
Accusoft-Gid
4Yp26P7Ci5KGCNHtudJhpQ
Accusoft-Parent-Pid
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accusoft-Parent-Taskid
0

Response headers

date
Wed, 09 Jun 2021 15:53:40 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
x-powered-by
Express
Connection
keep-alive
Content-Length
2749
accusoft-data-encrypted
false
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'none'
access-control-allow-headers
*
build-number
2087
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c39b8da49b4b191f00365068d8401cc38c6747b58dbb1a7f5aab9601504e201f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint function| setImmediate function| clearImmediate object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb object| IPCC object| PCCViewer function| setDetailsPaneVisible object| vc object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| documentInfo object| google_persistent_state_async function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_image_requests object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| viewerReady boolean| pageFitted boolean| initialScroll

3 Cookies

Domain/Path Name / Value
.edocr.com/ Name: _gat
Value: 1
.edocr.com/ Name: _gid
Value: GA1.2.789804536.1623254017
.edocr.com/ Name: _ga
Value: GA1.2.941691906.1623254017

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.edocr.com
www.google-analytics.com
www.google.com
www.googletagservices.com
142.250.185.130
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:810::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
3.222.244.201
026e2bb99bffa28f8904e44809f6766b5a66690c1d3d1429f36ec56efbf12ce8
07af594c7db6b285ea48b63d240caa620915d862ebbbee83f911475567d0d234
1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
2b02bc154b9b7cdb8acfa94aee22a017eada2b408f8bd3ecedfa22c9a3d1f6a4
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3d7e31ccd8b7de78c24d39793377e4b0843016d68c7f3af7a6301b43b90ea398
43c75ff34bb3f1a04d0080e7ec7bf1fb072861058fa74438e9b7351ad4d573a5
46260caa4081511656ea0bede52669b10bcb9640618c1825d63327cd7b524018
53a848a014674e1fe27368755dace3ada8f81e00387e651515b809e28a4dc692
53c12a2f0e9d208720ee12c008994a3c24d67afd29c2739a1e3fa7de91143dcd
623471f9133c6e66c4c5ff1813c90bf38f22b67a516b64c990100de63a4e61d0
65e4e63638e9c69fe634cc25b595b20afe3e704f5eb8adf36a551e3c23a12ecf
707df6884f2bb0cc5f7ab83b77128324cb16418856afcf5d5731d934d297fe13
81b8fb61977b519409ffd3cd929ebd4dfd4bde2ee7ac619d38cc289ee41c58ff
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aada68fee962c48df704b9298574b83bb8e6ceb571fde83cc87d48a49c4d6080
b1ba9fa4ad8fdf667f000a62ef0aebcd3b169d9e70a0e7079072471016139c68
b1e9838481b7a7abe32b7e481841e026f745351b1d578f290e1961c3d8e2711d
b505c901f0c2ac0e178f1663b5ee2c562aabb756ca188d8321dd9af874334ba7
b8657baaa6b95a17c934001c3338f3cdff05bf8ce67ffe25c3b7ab53cd580241
c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385
c39b8da49b4b191f00365068d8401cc38c6747b58dbb1a7f5aab9601504e201f
db8483df46939e49776f18e2b3166a60f9703cb8cda142a0305b0402aca1af12
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e071e6c581f9466b65d6bea7095705ac3b1a67c708f059cea53648f236fa72f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
feb8b1eade85bfb91818ee0d49f6f5c4f7f3079c7ecce361557d0c6928c2bf80