online2pdf.com Open in urlscan Pro
92.42.142.174 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://s2.online2pdf.com/
Effective URL:
https://online2pdf.com/
Submission: On September 28 via manual (September 28th 2022, 12:26:59 pm UTC) from IN — Scanned from DE

Summary HTTP 233 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 54 IPs in 10 countries across 39 domains to perform 233 HTTP transactions. The main IP is 92.42.142.174, located in Vienna, Austria and belongs to NESSUS, AT. The main domain is online2pdf.com. The Cisco Umbrella rank of the primary domain is 193467.
TLS certificate: Issued by R3 on August 21st 2022. Valid for: 3 months.

This is the only time online2pdf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	92.42.142.172 92.42.142.172	47692 (NESSUS) (NESSUS)
1 44	92.42.142.174 92.42.142.174	47692 (NESSUS) (NESSUS)
4	2a02:26f0:350... 2a02:26f0:3500:12::1730:17a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	108.138.4.10 108.138.4.10	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	185.86.137.114 185.86.137.114	201081 (SMARTADSE...) (SMARTADSERVER)
2	52.28.133.239 52.28.133.239	16509 (AMAZON-02) (AMAZON-02)
2	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 5	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2606:4700:10:... 2606:4700:10::ac43:8ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
2	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
4	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 5	185.29.132.242 185.29.132.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2602:803:c003... 2602:803:c003:200::57	26667 (RUBICONPR...) (RUBICONPROJECT)
1	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	46.4.10.47 46.4.10.47	24940 (HETZNER-AS) (HETZNER-AS)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
5	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
5 14	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 4	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 8	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:ebd:fba0:5325:a4e6	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
2 3	52.94.223.37 52.94.223.37	16509 (AMAZON-02) (AMAZON-02)
18	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
13	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2 2	35.161.30.252 35.161.30.252	16509 (AMAZON-02) (AMAZON-02)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 2	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1 1	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
233	54

3 92.42.142.172 (Vienna, Austria) 1 redirects

ASN47692 (NESSUS, AT)
PTR: s2.online2pdf.com

s2.online2pdf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.online2pdf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 92.42.142.174 (Vienna, Austria) 1 redirects

ASN47692 (NESSUS, AT)
PTR: s4.online2pdf.com

online2pdf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:12::1730:17a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.fuseplatform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)

prg8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.133.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-133-239.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

publift-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.90 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)

i.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e1d1e29d7d0343a5d2667e4a6be02c28.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.29.132.242 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::57 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.64.38 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.4.10.47 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de

hal90002.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.184.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.139 (Frankfurt am Main, Germany) 6 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:ebd:fba0:5325:a4e6 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.143.56 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.223.37 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.161.30.252 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-30-252.us-west-2.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.153 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	online2pdf.com 2 redirects s2.online2pdf.com — Cisco Umbrella Rank: 677034 online2pdf.com — Cisco Umbrella Rank: 193467 ads.online2pdf.com — Cisco Umbrella Rank: 350809	180 KB
31	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 ad.doubleclick.net — Cisco Umbrella Rank: 163 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 299	388 KB
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com e1d1e29d7d0343a5d2667e4a6be02c28.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 143	150 KB
23	adform.net track.adform.net — Cisco Umbrella Rank: 3694 s1.adform.net — Cisco Umbrella Rank: 7901	159 KB
13	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 268	191 KB
13	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 465 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 9821 eus.rubiconproject.com — Cisco Umbrella Rank: 557 pixel.rubiconproject.com — Cisco Umbrella Rank: 336 token.rubiconproject.com — Cisco Umbrella Rank: 667	21 KB
12	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 297 s.amazon-adsystem.com — Cisco Umbrella Rank: 287 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1216	97 KB
8	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 728 gum.criteo.com — Cisco Umbrella Rank: 402 mug.criteo.com — Cisco Umbrella Rank: 2810	15 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 45216 hal90002.redintelligence.net — Cisco Umbrella Rank: 298503	8 KB
6	mathtag.com 1 redirects tags.mathtag.com — Cisco Umbrella Rank: 3299 pixel.mathtag.com — Cisco Umbrella Rank: 935	4 KB
6	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 secure.adnxs.com — Cisco Umbrella Rank: 428	5 KB
6	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 481 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	4 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 2	3 KB
4	criteo.net static.criteo.net — Cisco Umbrella Rank: 636	114 KB
4	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1031	2 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 919 api.btloader.com — Cisco Umbrella Rank: 1034	24 KB
4	fuseplatform.net cdn.fuseplatform.net — Cisco Umbrella Rank: 23278	277 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 208	25 KB
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439 ups.analytics.yahoo.com — Cisco Umbrella Rank: 282	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 191	131 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8962	1 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 749	488 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4521	645 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 727	2 KB
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 598	1 KB
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 925	410 B
2	connectad.io i.connectad.io — Cisco Umbrella Rank: 6901	530 B
2	openx.net publift-d.openx.net — Cisco Umbrella Rank: 31551	527 B
2	teads.tv a.teads.tv — Cisco Umbrella Rank: 1254	500 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 543	1017 B
2	smartadserver.com prg8.smartadserver.com — Cisco Umbrella Rank: 17767	1 KB
2	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 431	180 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 815	711 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 979	463 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 365	707 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 344	265 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 284	32 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 389	9 KB
0	33across.com Failed ssc.33across.com Failed
233	39

	Domain	Requested by
44	online2pdf.com	1 redirects online2pdf.com
18	s1.adform.net	track.adform.net s1.adform.net online2pdf.com
16	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com googleads.g.doubleclick.net
14	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net ads.online2pdf.com b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
13	s0.2mdn.net	online2pdf.com s0.2mdn.net b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
11	securepubads.g.doubleclick.net	cdn.fuseplatform.net securepubads.g.doubleclick.net online2pdf.com www.googletagservices.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
6	c.amazon-adsystem.com	cdn.fuseplatform.net c.amazon-adsystem.com
5	track.adform.net	hal90002.redintelligence.net s1.adform.net
5	hal90002.redintelligence.net	1 redirects ads.online2pdf.com hal90002.redintelligence.net
5	tags.mathtag.com	1 redirects online2pdf.com ads.online2pdf.com tags.mathtag.com
5	ib.adnxs.com	2 redirects cdn.fuseplatform.net googleads.g.doubleclick.net
4	token.rubiconproject.com	4 redirects
4	pixel.rubiconproject.com	2 redirects ads.online2pdf.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	gum.criteo.com	2 redirects static.criteo.net
4	static.criteo.net	cdn.fuseplatform.net static.criteo.net
4	ad-delivery.net	ads.online2pdf.com btloader.com
4	cdn.fuseplatform.net	ads.online2pdf.com cdn.fuseplatform.net
3	cdnjs.cloudflare.com	s1.adform.net
3	aax-eu.amazon-adsystem.com	2 redirects
3	s.amazon-adsystem.com	2 redirects
3	www.googletagservices.com	securepubads.g.doubleclick.net b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	online2pdf.com
2	onetag-sys.com	1 redirects b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
2	ups.analytics.yahoo.com	2 redirects
2	d5p.de17a.com	2 redirects
2	pm.w55c.net	2 redirects
2	googleads.g.doubleclick.net	b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com online2pdf.com
2	eus.rubiconproject.com	ads.online2pdf.com eus.rubiconproject.com
2	mug.criteo.com
2	www.google.com	tpc.googlesyndication.com
2	b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	api.btloader.com	btloader.com
2	ad.doubleclick.net	ads.online2pdf.com btloader.com
2	btloader.com	cdn.fuseplatform.net
2	ap.lijit.com	cdn.fuseplatform.net
2	prebid.a-mo.net	cdn.fuseplatform.net
2	bidder.criteo.com	cdn.fuseplatform.net
2	i.connectad.io	cdn.fuseplatform.net
2	publift-d.openx.net	cdn.fuseplatform.net
2	a.teads.tv	cdn.fuseplatform.net
2	tlx.3lift.com	cdn.fuseplatform.net
2	prg8.smartadserver.com	cdn.fuseplatform.net
2	hbopenbid.pubmatic.com	cdn.fuseplatform.net
2	fastlane.rubiconproject.com	cdn.fuseplatform.net
2	htlb.casalemedia.com	cdn.fuseplatform.net
2	ads.online2pdf.com	online2pdf.com
1	secure.adnxs.com	1 redirects
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
1	px.ads.linkedin.com	ads.online2pdf.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	match.adsrvr.org	ads.online2pdf.com
1	ajax.googleapis.com	hal90002.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	online2pdf.com
1	beacon-ams3.rubiconproject.com	online2pdf.com
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	e1d1e29d7d0343a5d2667e4a6be02c28.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	s2.online2pdf.com	1 redirects
0	ssc.33across.com Failed	cdn.fuseplatform.net
233	64

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
www.instagram.com
www.tiktok.com
typing-speed.net

Subject Issuer	Validity	Valid
online2pdf.com R3	`2022-08-21` - `2022-11-19`	3 months	crt.sh
cdn.fuseplatform.net R3	`2022-08-15` - `2022-11-13`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-22` - `2023-06-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2022-04-15` - `2023-04-15`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.a-mo.net R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2022-08-21` - `2022-11-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
*.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-04-25`	a year	crt.sh
redintelligence.net R3	`2022-08-02` - `2022-10-31`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://online2pdf.com/
Frame ID: BB888C041270E02558995AF77D83C47D
Requests: 43 HTTP requests in this frame

Frame: https://ads.online2pdf.com/vertical
Frame ID: 29ACCAD4F8CD31104F3C953928CDEED1
Requests: 40 HTTP requests in this frame

Frame: https://ads.online2pdf.com/horizontal
Frame ID: 82A99E2CAE953F873DF141033AF0F0D5
Requests: 35 HTTP requests in this frame

Frame: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: C6BB9D16E8C5861E7D1E8C423F9BEF34
Requests: 1 HTTP requests in this frame

Frame: https://e1d1e29d7d0343a5d2667e4a6be02c28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DD90D3CA145B1FDFC49C92CC4CDEC0A5
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=online2pdf.com
Frame ID: 9730AF9AAE06681FE2C5C452CE7CCC2A
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=online2pdf.com
Frame ID: 93B7968A9154F69042D480059AE92DDD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B1C24136559DBD4DA75B270831E57E64
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E91F2752C2B0C61F4D0E35E711E947BA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 34236945B24E400FE121BE6907AD164C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F713534C65BA2395D66CC4001D576311
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEDp-PQ-d3qJekZr20HxhttQu94AzfGooQalxMZdquGwzFvaf_QPLtpuQxCCoQOF_rdO1XYBcigRzuZ8pysgCO_Xs-uLvgtHoTQ4E4DyF2-efv4HBMCLF9-LtMAgbTFf-2Up-ifLCAFFjJPS6fL7Vl5ObGCXzBmoa_7yzzsP2wbodswWTgFJoMDuGQ1hU6i8fuGPO2lwiLj3xS-xCK1B3Pq0PhBXi11gzwKynGIIdlXkXFN9XJlVvp9h2qGUo09xRh5kQ75OAgRhDEBsY3OpDV8r29AcppmRLeOc6SeOYrbr8_HloVuCwnZaT5kT0OBtsv9UmQtwsLp8ptz-xc4dye_uO5u-fU5-zQ1eMmog&sai=AMfl-YSxtiPrRYNNcYD4YMVZvNbqc4z18sG1Ax35SVmA1jbs9amnu4zLNnjMmb7tNAErW-hN2lDQyxyBomhzJ0VDBk1lMex-RTHvPvMDo6ToIGY_AXPZHHO-tbHi_Y047SZ7S_ThPw&sig=Cg0ArKJSzL1vkw09Juv3EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 77759FBB8F3DC736B7954875FF400A35
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVc28DGROV3xcCgCW2wx_HVbgrS1azJHvZzH-1-KHQXIiXIUyEdS8VuWT5rx8Gznej4jsmfP4Tcgg0LCY9rg7OWgtJIIWwVsHYMLLWxCAdVMXhikRM0YrgUveiNr5D-GNi9t6euCFj5i_gZejXdrNjLblOKuI9K09WbNkju_w0bgVlrB2tLufetkzyX_0ubQNx7PvH1YSpFNehmFvgrOTQ5VANJ1rYDOsnS9UTZ4ob4SCVRyZ24_PZibLJeLPflrXv19ZvRJFMV4t0ummQcK7lk_kz489unmQEZ-F1t83x8Agr1mU8anlMphQpb7u7JQNiszVrIR_K1cno961b8MakliqV8kj3qP_3M04-FQ&sai=AMfl-YRnclYm1AkfAApAM8i3wqH9nOtbavt-B8olRiCo-Pg60Hl7gDLqtOzeU_3IkmjXDJMjYROAPIVAALNAMBlMcZ3jAcijeAHER6dD_SsYfo_9qQ&sig=Cg0ArKJSzBhDC3Pro3rPEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F89D086AB263B163944AA965EFE5C6E5
Requests: 14 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=34319500076036305369359012096002&a=8afebb5e
Frame ID: 3CE72A07290081D0F648A71E99B80095
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 45993FC7149C412CCE5FA81B7E5F9F56
Requests: 10 HTTP requests in this frame

Frame: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: C19573C72A87ECDD743A6004BB308DD9
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO67DRD40Y2QAxjJ8fPCATAB&v=APEucNUddOjksGiPNiv94houdW7Mlqy2_mGBhlsPTnZhLbYND491vmCuV3O5An6UgnC1dD8DyEC4JgzPw7UQlq0QtYhxYHdou5BfjYz5ugN0v6GlXCdAxyFMQzSDNiBAhsO9H9Xd_o47IL8OeyVshZcz6U4FEaIEB1nE_GstGebsu2sAkbrdwsM
Frame ID: F65EED7BC7A6EB56CA9789E06F44A22B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4AC324E03B96CAB15B8FBEBC7CCDCDF4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 321688844D523728E421520B486785E3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14430504287777466289/index.html
Frame ID: D8259B6A6811B7F9627D69F781B40AFB
Requests: 12 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/11733190/11733190.js?ADFassetID=11733190&bv=259
Frame ID: B7102FD24870DCA5514BEB544DC2573C
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online PDF Konverter - PDF Dateien zusammenfügen & verkleinern

Page URL History Show full URLs

http://s2.online2pdf.com/ HTTP 302
http://online2pdf.com/ HTTP 301
https://online2pdf.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

233
Requests

88 %
HTTPS

39 %
IPv6

39
Domains

64
Subdomains

54
IPs

10
Countries

1831 kB
Transfer

5009 kB
Size

38
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Online2PDF

Search URL Search Domain Scan URL

URL: https://twitter.com/Online2PDF

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/online2pdf

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCpbq9zpPLprwRBRUx8wqaSw

Search URL Search Domain Scan URL

URL: https://www.instagram.com/online2pdf

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@online2pdf

Search URL Search Domain Scan URL

URL: https://typing-speed.net/
Title: Typing-Speed.netWie schnell können Sie tippen?Testen Sie Ihre Tippgeschwindigkeit.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://s2.online2pdf.com/ HTTP 302
http://online2pdf.com/ HTTP 301
https://online2pdf.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 118

https://gum.criteo.com/sid/json?origin=publishertag&domain=online2pdf.com&sn=ChromeSyncframe&so=0&topUrl=online2pdf.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=tOQhOHxGZXFEeVc4Q1VFTG5PQnlWejJ4TGNvNkFINW1Vek1DYktoUFMvVWx1MUphQmlLcmV3NVBKR0s5TUxnWXQxMXBQMmljZFRuMDFqMWRiL1VocUovSXhhOTh3NnAzazdvUlRVWjFRRUJ0emVNWS9Jb2ZwS0wzOFJpY1Z3UjJtb1BXdFlraGN5NVdPNFNXbVhyKyt0dVBWZ3hvMHozK0pRQVBmOXFUNmp2aFljcWMramNIY1dyMVRvNVg0Q1RKTUtueE1ManFFdVR4aXZNN3hhdHBvSGZtYnZyWi9zWVFiM2xZMkF3RGlmRGZSbnhnRWozRWhGVDVmZkl1bUJOL0xyZmlYMVJlSkQ4bHpEZDBiUnJaQWhVVWladz09fA&cppv=2

Request Chain 121

https://gum.criteo.com/sid/json?origin=publishertag&domain=online2pdf.com&sn=ChromeSyncframe&so=0&topUrl=online2pdf.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=gsemcXxJeUxyUURtZktXU2VzY25HWUZUS2MvcHp3eFJOVUw4d2JGSzFyOFp6ZW5GOG1naU5HYlJ6OWlsNGM0Q05uV2oxV2NlWE9Ma0h1OE1Ed2ZkbVpqbnlZaG5aWXFVSXJuNjBGVklLTXdINmFVZ3g3SDIzaHI5TjBDdUxxZnBIVHp0ZDBYblIrYlFIeW85c1BZZE9qZ2VnUTRpYlk4eTMwZHRxV285MjRxd3dxOU9idGZhc2pKRTB2QktLYzIwWit5NHlkMWJHcmpCb2RUdmlQc2tFQnhKaU1xZktrbnVjOHpBem00UzBaQm5wcUpnZk5YY2lRc21Tdm53TnhOdmE5NUdvVXloRC9BcjExQWoyUkRTQWlpdXY0UT09fA&cppv=2

Request Chain 139

https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvWWpFNVlUWm1aRFl0WWpWbE15MHdOMlF4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwMzI2OTQ3NzkzMzUxMTE0NTYvMTA5NTE3NzAvMTIyNjI4MzMvOS9yTE5JNG1yRUFrSGhQZ2FGdGxZUnljaEQzbDFrN1cyZ0JxZGxuaHRRTnQ0LzEvOS8wLzAvMTk3NjQ0My8wLzIxNTU0My8xMjEyOTQ4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDAzMjY5NDc3OTMzNTExMTQ1Ni96cmgvMC81NTU4LzQ0Lzk5OS8yLzJhMDE6NGEwOjJiOjovMC4wMDAvMTY2NDM2ODAwOS8xNjY0MzgwNjA5LzkvMjA4ODQv/5pGun77VQJtJaQMuAiFg32SzJVE&nodeid=3771&group=zrh&auctionid=4032694779335111456&pbs_auctionid=4032694779335111456&shardkey=4032694779335111456&sid=12262833&cid=10951770&price=C3424DB3FB97F09A&bp=a_bcjjjd&nfy_act=LD5wfn0&src=imp&type=burl&client=c2s&bfip=185.29.132.88 HTTP 302
https://tags.mathtag.com/ck-confirm?bid_id=4032694779335111456&node_id=3771&exch_id=9

Request Chain 144

https://hal90002.redintelligence.net/request.php?zone=qu1sjawjblqw&nw=20&renderingType=javascript&namespace=c604559ecf&subid=&uid=17f4cad8900f48b4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4b29c695160fc4eabd320411fd0667f792eed3e0%26mt_aid%3D4032694779335111456%26mt_id%3D10951770%26mt_adid%3D215543%26mt_sid%3D12262833%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddc226334-3d8a-4101-8dc9-0bd384945aea%26mt_cid%3Ddc226334-3d8a-4101-8dc9-0bd384945aea%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe41131d9-6dc7-440c-9709-254090a767e0%2F%26redirect%3D&documentReferer=https%3A%2F%2Fads.online2pdf.com%2Fhorizontal&ancestorOrigins=https%3A%2F%2Fads.online2pdf.com%2Chttps%3A%2F%2Fonline2pdf.com&random=7495568107553&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90002.redintelligence.net/request.php?zone=qu1sjawjblqw&nw=20&renderingType=javascript&namespace=c604559ecf&subid=&uid=17f4cad8900f48b4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4b29c695160fc4eabd320411fd0667f792eed3e0%26mt_aid%3D4032694779335111456%26mt_id%3D10951770%26mt_adid%3D215543%26mt_sid%3D12262833%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddc226334-3d8a-4101-8dc9-0bd384945aea%26mt_cid%3Ddc226334-3d8a-4101-8dc9-0bd384945aea%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe41131d9-6dc7-440c-9709-254090a767e0%2F%26redirect%3D&documentReferer=https%3A%2F%2Fads.online2pdf.com%2Fhorizontal&ancestorOrigins=https%3A%2F%2Fads.online2pdf.com%2Chttps%3A%2F%2Fonline2pdf.com&random=7495568107553&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEZ4TtT94TznSID9v0RZm4M&google_cver=1

Request Chain 162

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzQ9i1CjukFgEJHFKo2mTQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEZ4TtT94TznSID9v0RZm4M&google_cver=1

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESED3SS59JVP2XsQ-hOeeX8jI&google_cver=1

Request Chain 164

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc3NzM3ODY1NzEzOTgxMTE4NA%3D%3D

Request Chain 165

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIP8ckuz2TvtLRNR5CVvKEw&google_cver=1

Request Chain 167

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzhlNjFlMTVlODQ0MWZkMTJkNmRkZTdlYjhjNTIyMTY0YTIwYzUwYQ

Request Chain 168

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhMTFFOMTctMTgtN0FOQQ==

Request Chain 169

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/mjJVOL8YIcxUl4aD7EZAEcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3201031997963443168

Request Chain 170

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8LLQN17-18-7ANA

Request Chain 171

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dhR7b4mBRIeRtkSbHAglNw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dhR7b4mBRIeRtkSbHAglNw

Request Chain 172

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Om4RinT9QTm8pkEs3J0WSQ&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Om4RinT9QTm8pkEs3J0WSQ

Request Chain 182

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDgsBKTaf-ZKxnNZx7nHyOI&google_cver=1&google_push=AZmPxg8bQM1S9a3jrHyyA9Ag5Tt8EBV9rv8iMBJshxnl_bQ_3WQqoQgIS1EqDAT_iJQXJANYZNV0t-N8DL6APpfWf4sNUrknhkdk HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDgsBKTaf-ZKxnNZx7nHyOI&google_cver=1&google_push=AZmPxg8bQM1S9a3jrHyyA9Ag5Tt8EBV9rv8iMBJshxnl_bQ_3WQqoQgIS1EqDAT_iJQXJANYZNV0t-N8DL6APpfWf4sNUrknhkdk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RU1hR2VWQWwxT0R3OWw1&google_gid=CAESEDgsBKTaf-ZKxnNZx7nHyOI&google_cver=1&google_push=AZmPxg8bQM1S9a3jrHyyA9Ag5Tt8EBV9rv8iMBJshxnl_bQ_3WQqoQgIS1EqDAT_iJQXJANYZNV0t-N8DL6APpfWf4sNUrknhkdk

Request Chain 183

https://um.simpli.fi/gp_match?google_gid=CAESEJEWEAe5O6A7y8-vSW2BDYc&google_cver=1&google_push=AZmPxg9ehLURFbQOY7rWIfVOm7ThVDYu3aTh9qRUyuI451t5zhHWcNvryqQpI_sa_MAt5RmGHB599tvaxzfaWuCwAU68WathtW9e HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BC4D423C13474BAF973226A9856689FB&google_push=AZmPxg9ehLURFbQOY7rWIfVOm7ThVDYu3aTh9qRUyuI451t5zhHWcNvryqQpI_sa_MAt5RmGHB599tvaxzfaWuCwAU68WathtW9e

Request Chain 184

https://d5p.de17a.com/cookies/google?google_gid=CAESEDNOVikbiunTDlycPX9pA3E&google_cver=1&google_push=AZmPxg8v2Yu8jUpEPVM-LVf4qgrnNOHFcKov6GIQud4zX58wiUWsAbwVohr07Pi_EC3MYmX8ulU6RDRjz8vLdCqN94IXsJbN7xY HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDNOVikbiunTDlycPX9pA3E&google_cver=1&google_push=AZmPxg8v2Yu8jUpEPVM-LVf4qgrnNOHFcKov6GIQud4zX58wiUWsAbwVohr07Pi_EC3MYmX8ulU6RDRjz8vLdCqN94IXsJbN7xY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg8v2Yu8jUpEPVM-LVf4qgrnNOHFcKov6GIQud4zX58wiUWsAbwVohr07Pi_EC3MYmX8ulU6RDRjz8vLdCqN94IXsJbN7xY

Request Chain 185

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJigKy6M0C26ANCtzz4O4JY&google_cver=1&google_push=AZmPxg9kSsbXVI8KRDNt8B1uKVmWvSpfoON0ZsbAtks4b6R-IMPsZiB14WVxRleITM2_SNUd90QGrIJgBSKEkQSf0MbALb2gQZLrMQ HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJigKy6M0C26ANCtzz4O4JY&google_cver=1&google_push=AZmPxg9kSsbXVI8KRDNt8B1uKVmWvSpfoON0ZsbAtks4b6R-IMPsZiB14WVxRleITM2_SNUd90QGrIJgBSKEkQSf0MbALb2gQZLrMQ&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS05cjE3Y0FsRTJ1RU8xcDRkeWMwNzBjbzNTSklUbGJ5bn5B&google_push=AZmPxg9kSsbXVI8KRDNt8B1uKVmWvSpfoON0ZsbAtks4b6R-IMPsZiB14WVxRleITM2_SNUd90QGrIJgBSKEkQSf0MbALb2gQZLrMQ

Request Chain 186

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMcPKBU6ZcQbdWz3Dn4iasE&google_cver=1&google_push=AZmPxg8OKoN9uYOM-AeCX6x_fSXJMTbBE3dgkJxCiIwp6YT2XWe92Mzi5nFLYTp2Z7Ey2XTG6r3aIG13atPA-P9vzRcTYa8t7jg24g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8OKoN9uYOM-AeCX6x_fSXJMTbBE3dgkJxCiIwp6YT2XWe92Mzi5nFLYTp2Z7Ey2XTG6r3aIG13atPA-P9vzRcTYa8t7jg24g HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 187

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHeg54ATzRZkqEXnNU8RLuk&google_cver=1&google_push=AZmPxg96uN1HkyantgkV7u4zgqoy54zJGjzAwEJ2i3mLOI8fdR7h-v7NRFa2fozrvouYsZQ8z4bVxjXkVpezNsbdxADGVdJQm7lxtA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTc3NzM3ODY1NzEzOTgxMTE4NA%3D%3D&google_gid=CAESEHeg54ATzRZkqEXnNU8RLuk&google_cver=1&google_push=AZmPxg96uN1HkyantgkV7u4zgqoy54zJGjzAwEJ2i3mLOI8fdR7h-v7NRFa2fozrvouYsZQ8z4bVxjXkVpezNsbdxADGVdJQm7lxtA

233 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
online2pdf.com/
Redirect Chain

http://s2.online2pdf.com/
http://online2pdf.com/
https://online2pdf.com/

84 KB
15 KB

119ms
88ms

Document
text/html

92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to

Full URL

https://online2pdf.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),

Reverse DNS

s4.online2pdf.com

Software

Apache /

Resource Hash

4e32fe490999ee7ccf91ef6c4e592dca5af768a9582990b2a33bb68b2dc3bc7b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 28 Sep 2022 12:26:48 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Origin-Agent-Cluster: ?0
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Wed, 28 Sep 2022 12:26:48 GMT
Keep-Alive: timeout=5, max=100
Location: https://online2pdf.com/
Origin-Agent-Cluster: ?0
Server: Apache

GET
H/1.1 200
OK 9.6.0-7.css
online2pdf.com/de/style/955/ 43 KB
9 KB 29ms
28ms Stylesheet
text/css 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to

Full URL: https://online2pdf.com/de/style/955/9.6.0-7.css
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: bfb27b33e7aa731d3c7189977bfdee771b74a8977c9fd0627785270448f3d2ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Origin-Agent-Cluster: ?0
Cache-Control: public, max-age=3600
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK 9.6.0-7.js Show response
online2pdf.com/de/script/955/ 206 KB
40 KB 103ms
75ms Script
application/javascript 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to

Full URL: https://online2pdf.com/de/script/955/9.6.0-7.js
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: cb3395d3c968f5eeafa662274d4baf1f764afdd67a366dddebbea5f0fe1f33a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Origin-Agent-Cluster: ?0
Cache-Control: public, max-age=3600
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK ads.js Show response
online2pdf.com/showad/ 19 B
317 B 62ms
35ms Script
application/javascript 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to

Full URL: https://online2pdf.com/showad/ads.js
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: d603c14b279c4bd3ad5b16c88d99cb5c5f1b816fcc966730cbf0fdf4453887d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Origin-Agent-Cluster: ?0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK flag_de.png
online2pdf.com/images/9.6.0/ 2 KB
2 KB 13ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/flag_de.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 5a68ef8b63c5914e354aa61e913e48452bb44f8f06262483b27717cdbac83eb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:18:46 GMT
Server: Apache
ETag: "658-59f0949e0f09d"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1624

GET
H/1.1 200
OK flag_en.png
online2pdf.com/images/9.6.0/ 2 KB
3 KB 13ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/flag_en.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 7bcf2bac32babb6a03adea909582627f60c69b35b617c6a2bafdc964474ba843

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:19:02 GMT
Server: Apache
ETag: "967-59f094ad2a36f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2407

GET
H/1.1 200
OK flag_fr.png
online2pdf.com/images/9.6.0/ 1 KB
2 KB 13ms
12ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/flag_fr.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 6ca3c3b408e842f1d30e443ec9d7588f371fc2c3e50c02f51d506651c439b703

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:19:34 GMT
Server: Apache
ETag: "5f7-59f094cc37fb6"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1527

GET
H/1.1 200
OK flag_es.png
online2pdf.com/images/9.6.0/ 2 KB
2 KB 13ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/flag_es.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 160a20bb1f82b7851d7d063b20ecf4ce8af251867e1c112a27a8825e76097f4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:19:17 GMT
Server: Apache
ETag: "8ed-59f094bb99c83"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2285

GET
H/1.1 200
OK flag_it.png
online2pdf.com/images/9.6.0/ 2 KB
2 KB 13ms
12ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/flag_it.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 204c3361b4063d7d3c5017455d87516838b2bf2a11f0cdeef39abcea55221e9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:19:50 GMT
Server: Apache
ETag: "773-59f094db2f6cd"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1907

GET
H/1.1 200
OK flag_pt.png
online2pdf.com/images/9.6.0/ 3 KB
3 KB 13ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/flag_pt.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: d64d69e7dcf31e33e8ff0ca402114db859a13e8514ee0777a964430e8dfc8900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:20:07 GMT
Server: Apache
ETag: "a20-59f094eb0d1dd"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2592

GET
H/1.1 200
OK pdf_icon.png
online2pdf.com/images/9.6.0/ 19 KB
20 KB 13ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/pdf_icon.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: a040eccd56269b4b1cff436d49f3328a673c968517fcf6c6da0f46d9ae5e4743

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 21:51:23 GMT
Server: Apache
ETag: "4ddc-59f08e7f6bea2"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 19932

GET
H/1.1 200
OK online2pdf_text.png
online2pdf.com/images/9.6.0/ 26 KB
27 KB 17ms
14ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/online2pdf_text.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 9a675ea5f409c66886094320441c46a00e85e7ba76201df0046f3712be427959

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 21:53:40 GMT
Server: Apache
ETag: "69bd-59f08f024006a"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 27069

GET
H/1.1 200
OK arrow_down.png
online2pdf.com/images/9.6.0/ 2 KB
3 KB 21ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/arrow_down.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 129fd31d9148b4e7cf9cdf6b99db533ca7f1a62f7ad98a764272fd943f3a0052

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:07:44 GMT
Server: Apache
ETag: "9ab-59f092266d5ad"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2475

GET
H/1.1 200
OK menu_button.png
online2pdf.com/images/9.6.0/ 1 KB
1 KB 27ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/menu_button.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 8774fc2d7df2f003b97bb7faf6170572f8b80c6d2e7c2d1ed883b5078f014acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:21:41 GMT
Server: Apache
ETag: "4de-59f09544fa0b3"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 1246

GET
H/1.1 200
OK facebook_icon.png
online2pdf.com/images/9.6.0/socialmedia/ 1 KB
1 KB 31ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/socialmedia/facebook_icon.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 79d9d0cb995a45ed1d63a59cc6d7ee01ed1e2e01d54c1fd6da7bde3c786e69d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:29:24 GMT
Server: Apache
ETag: "419-59f096feb90aa"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1049

GET
H/1.1 200
OK twitter_icon.png
online2pdf.com/images/9.6.0/socialmedia/ 2 KB
2 KB 64ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/socialmedia/twitter_icon.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 83afa0a7a3ed44befb6e2c53b69be58d040463f0dafac394bfe3df0d882d03b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:30:14 GMT
Server: Apache
ETag: "623-59f0972e2da84"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1571

GET
H/1.1 200
OK linkedin_icon.png
online2pdf.com/images/9.6.0/socialmedia/ 844 B
1 KB 59ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/socialmedia/linkedin_icon.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: a643e3b28d0dab5d1a015ffb03b60e790bfa2d111475b9b624da23996b43cc33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Mon, 04 May 2020 14:51:35 GMT
Server: Apache
ETag: "34c-5a4d3aadf9485"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 844

GET
H/1.1 200
OK youtube_icon.png
online2pdf.com/images/9.6.0/socialmedia/ 762 B
1 KB 55ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/socialmedia/youtube_icon.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 13cc7c79f4078269405bee0c46f7352600c43af70b0dc9f7d95bf08c2dc79d11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Fri, 16 Sep 2022 17:27:02 GMT
Server: Apache
ETag: "2fa-5e8ceab89fb9e"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 762

GET
H/1.1 200
OK instagram_icon.png
online2pdf.com/images/9.6.0/socialmedia/ 3 KB
3 KB 34ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/socialmedia/instagram_icon.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 8fe958140956e46fe97220f508de9e588ea2c33bc30f92e4d6aeda2b71d99f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Mon, 01 Aug 2022 15:39:47 GMT
Server: Apache
ETag: "caf-5e52fcf4249a6"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 3247

GET
H/1.1 200
OK tiktok_icon.png
online2pdf.com/images/9.6.0/socialmedia/ 2 KB
2 KB 29ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/socialmedia/tiktok_icon.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 8b6dc5c46fef04dbd427d4e9652ac9ea8ecb4ec45cf0187e7a7c1431eb35f9fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Fri, 16 Sep 2022 17:23:46 GMT
Server: Apache
ETag: "682-5e8ce9fd5105a"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1666

GET
H/1.1 200
OK ssl.png
online2pdf.com/images/9.6.0/ 8 KB
8 KB 28ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/ssl.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: d5ce4ea56dcebba22aa104344763baf784401ad477ec9c5a935a77eebb6b5bd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:24:30 GMT
Server: Apache
ETag: "2008-59f095e66f25b"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8200

GET
H/1.1 200
OK step_one.png
online2pdf.com/images/9.6.0/ 448 B
716 B 42ms
12ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/step_one.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 7a024b3a515404415c303d7919b04405dac6994811c1e6af29b0a936cfa714ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:25:20 GMT
Server: Apache
ETag: "1c0-59f096155ace5"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 448

GET
H/1.1 200
OK step_two.png
online2pdf.com/images/9.6.0/ 770 B
1 KB 42ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/step_two.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: b460fb43c0d18b583b113c5fbb8eaf6f317db3df4ade6b2898f44971190cc4e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:25:56 GMT
Server: Apache
ETag: "302-59f09638292e0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 770

GET
H/1.1 200
OK step_three.png
online2pdf.com/images/9.6.0/ 794 B
1 KB 48ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/step_three.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 657a6270acd4d75e521ead362617cadcaaddea44b685e2974d2edcf632e6e1d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:25:40 GMT
Server: Apache
ETag: "31a-59f09628d4c93"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 794

GET
H/1.1 200
OK info.png
online2pdf.com/images/9.6.0/ 3 KB
3 KB 13ms
12ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/info.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: fb88fd8b1c6da5a5596e484dfc2698ede30654596bd081f9558e25d20578ca06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:20:41 GMT
Server: Apache
ETag: "c1d-59f0950bcfa92"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3101

GET
H/1.1 200
OK preferences_compression_icon.png
online2pdf.com/images/9.6.0/preferences/ 844 B
1 KB 13ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/preferences/preferences_compression_icon.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 67a0cd3879eb0b17424177823ebc4d20069197e97bb483fe63f2a629b3f4e138

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:40:13 GMT
Server: Apache
ETag: "34c-59f09969cdf2c"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 844

GET
H/1.1 200
OK preferences_view_icon.png
online2pdf.com/images/9.6.0/preferences/ 694 B
962 B 13ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/preferences/preferences_view_icon.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: eb87d6943cde131a0710f9c48fa641b4f65866455668ce3439052cbd3234d109

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:41:36 GMT
Server: Apache
ETag: "2b6-59f099b817de6"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 694

GET
H/1.1 200
OK preferences_image_icon.png
online2pdf.com/images/9.6.0/preferences/ 955 B
1 KB 15ms
14ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/preferences/preferences_image_icon.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: fe7d221e7ccf2543f75855d55d8052df7876bcf6a8b7a372f900d5d2ab7f58ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:40:54 GMT
Server: Apache
ETag: "3bb-59f0999064275"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 955

GET
H/1.1 200
OK preferences_protection_icon.png
online2pdf.com/images/9.6.0/preferences/ 678 B
946 B 13ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/preferences/preferences_protection_icon.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 6f0552daf770cff2789f4951a83a8913c2eafaa082785f1ba0a29700ce64ab87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:41:23 GMT
Server: Apache
ETag: "2a6-59f099abc20c4"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 678

GET
H/1.1 200
OK preferences_headerfooter_icon.png
online2pdf.com/images/9.6.0/preferences/ 534 B
802 B 13ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/preferences/preferences_headerfooter_icon.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 3134ead8cde3b183908742311737674a75dd44b201fd269ea20c7df28a38c7d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:40:41 GMT
Server: Apache
ETag: "216-59f09984220f6"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 534

GET
H/1.1 200
OK preferences_excel_icon.png
online2pdf.com/images/9.6.0/preferences/ 883 B
1 KB 13ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/preferences/preferences_excel_icon.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 2722c954a8ba72763a8b76c7f4ff1dea2c543c3a1ff14837dea2a9fe789a8942

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:40:28 GMT
Server: Apache
ETag: "373-59f099780d51a"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 883

GET
H/1.1 200
OK preferences_layout_icon.png
online2pdf.com/images/9.6.0/preferences/ 213 B
480 B 14ms
14ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/preferences/preferences_layout_icon.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: eacea388d593b25ed247ec1f6c94b68e266a5f9b9ead59bf3a0b2a32b6f414d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:41:06 GMT
Server: Apache
ETag: "d5-59f0999c1d8d8"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 213

GET
H/1.1 200
OK help.png
online2pdf.com/images/9.6.0/ 906 B
1 KB 13ms
12ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/help.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 71c77b11affd8a8f825dce30164019fcbd612b0cfabaf91f1f73cdff3562f731

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:20:24 GMT
Server: Apache
ETag: "38a-59f094fbe2b67"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 906

GET
H/1.1 200
OK tooltip_arrow.png
online2pdf.com/images/9.6.0/ 368 B
636 B 14ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/tooltip_arrow.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 730f8076b0de7120b1a302aac1256ab376b6637edb87485590dc9413daa27554

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:26:29 GMT
Server: Apache
ETag: "170-59f09657b2fe5"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 368

GET
H/1.1 200
OK word.png
online2pdf.com/images/9.6.0/file_icon/ 2 KB
2 KB 26ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/file_icon/word.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 517d69e9ba18ba94dc1d595b01a4a6253d127e07a2e5b3c8d50072c35f86be77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:36:41 GMT
Server: Apache
ETag: "687-59f0989f0bccb"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1671

GET
H/1.1 200
OK excel.png
online2pdf.com/images/9.6.0/file_icon/ 2 KB
2 KB 15ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/file_icon/excel.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 89b41f25cc4a5d2672857d6038ab85e975f71b54e056cc8598963b8f8cfd7c5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:32:54 GMT
Server: Apache
ETag: "700-59f097c6928b3"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1792

GET
H/1.1 200
OK powerpoint.png
online2pdf.com/images/9.6.0/file_icon/ 2 KB
2 KB 25ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/file_icon/powerpoint.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: da2b63fefed1687611db88864450bdc8162f0b3a6c11d0b0cb1472821e48eeb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:35:09 GMT
Server: Apache
ETag: "62e-59f098479412e"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1582

GET
H/1.1 200
OK publisher.png
online2pdf.com/images/9.6.0/file_icon/ 2 KB
2 KB 38ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/file_icon/publisher.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: bf3f98017b277064d325789b391f88c47f5668fc852258bdd7f276db542481e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:35:41 GMT
Server: Apache
ETag: "6da-59f09865e4ee0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1754

GET
H/1.1 200
OK image.png
online2pdf.com/images/9.6.0/file_icon/ 1 KB
1 KB 24ms
12ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/file_icon/image.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 4a68b17866cc125378f37d90b56c4ac5ecd36ea37f1be71e12681eaca4831039

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:33:07 GMT
Server: Apache
ETag: "4a8-59f097d3723ea"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1192

GET
H/1.1 200
OK odf_write.png
online2pdf.com/images/9.6.0/file_icon/ 2 KB
2 KB 39ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/file_icon/odf_write.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 822ca33fd3327e591efb7df27161328ff3b035a19f03218c3c5de686fca5e2bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:34:22 GMT
Server: Apache
ETag: "615-59f0981a6a9df"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1557

GET
H/1.1 200
OK xps.png
online2pdf.com/images/9.6.0/file_icon/ 1 KB
2 KB 39ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/file_icon/xps.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: 4a6a9091297d86c3d40e17c33b76dcda3bc20fc059522c3eb046db923d0e681a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:36:58 GMT
Server: Apache
ETag: "5fa-59f098af63882"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1530

GET
H/1.1 200
OK pdf_format.png
online2pdf.com/images/9.6.0/file_icon/ 1 KB
2 KB 21ms
12ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/file_icon/pdf_format.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: c558d2c2f86b94d74442397a88c53c5bf27e812b165926f50b7dd07ba069e802

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 20 Feb 2020 22:34:56 GMT
Server: Apache
ETag: "510-59f0983b1ea6c"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 1296

GET
H/1.1 200
OK false2.png
online2pdf.com/images/9.6.0/ 1 KB
1 KB 13ms
13ms Image
image/png 92.42.142.174
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online2pdf.com/images/9.6.0/false2.png
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.174 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s4.online2pdf.com
Software: Apache /
Resource Hash: efd2fe255e4154630d6cfba7635156bee870a053148dfee8618fe28d31703639

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:48 GMT
Last-Modified: Thu, 27 Feb 2020 14:26:03 GMT
Server: Apache
ETag: "473-59f8f8037a7b3"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1139

GET
H/1.1 200
OK vertical Show response
ads.online2pdf.com/ Frame 29AC 2 KB
1 KB 80ms
22ms Document
text/html 92.42.142.172
NESSUS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.online2pdf.com/vertical
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/de/script/955/9.6.0-7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.172 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s2.online2pdf.com
Software: Apache /
Resource Hash: e30aaafd4c7dd534259b8e35db4af9af5913b5dc7734364ac0e232c677d1f2e4

Request headers

Referer: https://online2pdf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 28 Sep 2022 12:26:47 GMT
Keep-Alive: timeout=5, max=100
Origin-Agent-Cluster: ?0
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK horizontal Show response
ads.online2pdf.com/ Frame 82A9 2 KB
1 KB 77ms
27ms Document
text/html 92.42.142.172
NESSUS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.online2pdf.com/horizontal
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/de/script/955/9.6.0-7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.42.142.172 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: s2.online2pdf.com
Software: Apache /
Resource Hash: efb6f9331a30ebe5adfbccc4aacf53fdbb5c6fd74edcc0fb64bac144b5a46d2b

Request headers

Referer: https://online2pdf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 28 Sep 2022 12:26:47 GMT
Keep-Alive: timeout=5, max=100
Origin-Agent-Cluster: ?0
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 fuse.js Show response
cdn.fuseplatform.net/publift/tags/2/2825/ Frame 29AC 191 KB
46 KB 71ms
9ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/publift/tags/2/2825/fuse.js
Requested by: Host: ads.online2pdf.com
URL: https://ads.online2pdf.com/vertical
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8c3d2c1486a53889fe9f27bb942f142c9cc9ce028ccb7c5d3ffe21c74957bca0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:49 GMT
content-encoding: gzip
last-modified: Wed, 21 Sep 2022 00:37:04 GMT
server: AkamaiNetStorage
etag: "65f9c74009c5d4040fcad193bb61ef04:1663720624.293755"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 46555
expires: Wed, 28 Sep 2022 12:56:49 GMT

GET
H2 200 fuse.js Show response
cdn.fuseplatform.net/publift/tags/2/2825/ Frame 82A9 191 KB
46 KB 67ms
12ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/publift/tags/2/2825/fuse.js
Requested by: Host: ads.online2pdf.com
URL: https://ads.online2pdf.com/horizontal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8c3d2c1486a53889fe9f27bb942f142c9cc9ce028ccb7c5d3ffe21c74957bca0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:49 GMT
content-encoding: gzip
last-modified: Wed, 21 Sep 2022 00:37:04 GMT
server: AkamaiNetStorage
etag: "65f9c74009c5d4040fcad193bb61ef04:1663720624.293755"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 46555
expires: Wed, 28 Sep 2022 12:56:49 GMT

GET
H2 200 prebid-f94d0ee19c0589142155218cbab526af.js Show response
cdn.fuseplatform.net/prebid/ Frame 29AC 303 KB
93 KB 9ms
9ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2825/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a029b6ba2942a3d338c77b729d9d8325947768886f3c091566db56b880ed0148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:49 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 03:11:05 GMT
server: AkamaiNetStorage
etag: "85ac6f2b388b129869ac77c37976b2cb:1661742665.07802"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400000
accept-ranges: bytes
content-length: 94322
expires: Tue, 24 Jun 2025 12:26:49 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 29AC 167 KB
43 KB 51ms
11ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2825/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:49 GMT
content-encoding: gzip
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
last-modified: Thu, 15 Sep 2022 20:15:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
x-amz-server-side-encryption: AES256
etag: W/"da0e8e1151d3ebb7a34f07d19a6e05d0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 9STt4bLVtl52BqPvTpNRNENS6kLjmxm5Ztlxv3dK3V_q6d5k5VPcrQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 29AC 80 KB
28 KB 59ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2825/fuse.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d90500059bf2da09057e5ec01286818fcf24f72964f045c8a40c0507639af2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27722
x-xss-protection: 0
server: sffe
etag: "1347 / 723 of 1000 / last-modified: 1664363254"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 28 Sep 2022 12:26:49 GMT

GET
H2 200 prebid-f94d0ee19c0589142155218cbab526af.js Show response
cdn.fuseplatform.net/prebid/ Frame 82A9 303 KB
93 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2825/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a029b6ba2942a3d338c77b729d9d8325947768886f3c091566db56b880ed0148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:49 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 03:11:05 GMT
server: AkamaiNetStorage
etag: "85ac6f2b388b129869ac77c37976b2cb:1661742665.07802"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400000
accept-ranges: bytes
content-length: 94322
expires: Tue, 24 Jun 2025 12:26:49 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 82A9 167 KB
43 KB 46ms
13ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2825/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:49 GMT
content-encoding: gzip
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
last-modified: Thu, 15 Sep 2022 20:15:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
x-amz-server-side-encryption: AES256
etag: W/"da0e8e1151d3ebb7a34f07d19a6e05d0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: hLGb-SgdHU8HvCAVxEy_HWp3i-u5DDN0gfVJsXdwxWFSIV6q7jLo4A==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 82A9 80 KB
27 KB 62ms
30ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2825/fuse.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d90500059bf2da09057e5ec01286818fcf24f72964f045c8a40c0507639af2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27722
x-xss-protection: 0
server: sffe
etag: "1347 / 623 of 1000 / last-modified: 1664363254"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 28 Sep 2022 12:26:49 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 29AC 36 B
564 B 109ms
80ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=844728&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221414e25740ec31%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fonline2pdf.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fonline2pdf.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.27.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fads.online2pdf.com%2Fvertical%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22223488208fcb06%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22844728%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22844728%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844728%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22844728%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22844728%22%2C%22sid%22%3A%221x1%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22publift.com%22%2C%22sid%22%3A%2201G47GECJV6Y4SCXCV15STK2KH%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7e5a31143a45da34c01216f6d5620f60d58dd6694e06037d1fa1bf00988282

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihcBisWI5WWqrXzlXHESNv48RANvCSyA4LU31hQsI%2F37mwP3epgLVOiK98T9Z1lyEEtYxWpN4Z60LvuLPNPiml3AyrxjAHLPT056KIIBfCSZJHKl4vBlEK1vLCd0mBS7Cosi626y"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://ads.online2pdf.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 751c78395f7fbb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 29AC 8 KB
5 KB 209ms
125ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=433180&zone_id=2477104&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!publift.com,01G47GECJV6Y4SCXCV15STK2KH,1,,,&rf=https%3A%2F%2Fonline2pdf.com%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=3034924a-54fc-43c2-bc1f-a8f0844a4cf7&l_pb_bid_id=709935f94fcf5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6461114957957872
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 121e85044f2e1b37295e187e8b25a65e99d295fd9ebd992a8a0922c50cad5a94

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 12:26:49 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://ads.online2pdf.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 4447
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 29AC 0
62 B 138ms
89ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ads.online2pdf.com
date: Wed, 28 Sep 2022 12:26:48 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ Frame 29AC 171 B
560 B 173ms
53ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:48 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ads.online2pdf.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST hb
ssc.33across.com/api/v1/ Frame 29AC 0
0

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 29AC 19 B
508 B 219ms
195ms XHR
application/json 52.28.133.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.27.0&referrer=https%3A%2F%2Fonline2pdf.com%2F&tmax=1000

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.133.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-133-239.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:49 GMT
accept-ch: sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ads.online2pdf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ Frame 29AC 16 B
250 B 132ms
87ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:49 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ads.online2pdf.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Wed, 28 Sep 2022 12:26:49 GMT

GET
H2 200 arj Show response
publift-d.openx.net/w/1.0/ Frame 29AC 73 B
380 B 45ms
22ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://publift-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fonline2pdf.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=3034924a-54fc-43c2-bc1f-a8f0844a4cf7%2C3034924a-54fc-43c2-bc1f-a8f0844a4cf7%2C3034924a-54fc-43c2-bc1f-a8f0844a4cf7%2C3034924a-54fc-43c2-bc1f-a8f0844a4cf7&nocache=1664368009157&schain=1.0%2C1!publift.com%2C01G47GECJV6Y4SCXCV15STK2KH%2C1%2C%2C%2C&aus=1x1%2C120x600%2C160x600%2C300x250%2C300x600%7C1x1%2C120x600%2C160x600%2C300x250%2C300x600%7C1x1%2C120x600%2C160x600%2C300x250%2C300x600%7C1x1%2C120x600%2C160x600%2C300x250%2C300x600&divids=fuse-slot-22756694728-1%2Cfuse-slot-22756694728-1%2Cfuse-slot-22756694728-1%2Cfuse-slot-22756694728-1&aucs=%2C%2C%2C&auid=557545879%2C557545879%2C557545879%2C557545879
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 584b231cd33be7d961f289d9311cc6905fab0b85357f5c7917190330f65bb4fa

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:49 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ads.online2pdf.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 29AC 139 B
827 B 51ms
14ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

1af13cd4a704e5cad67147cc855db0fdd8177050bcdbd5daf039a054eaf34a04

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 12:26:49 GMT
AN-X-Request-Uuid: 283885d0-f756-4d02-98a5-c6266acfc8e0
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ads.online2pdf.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 v2 Show response
i.connectad.io/api/ Frame 29AC 106 B
158 B 202ms
173ms XHR
application/json 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21db5e6df299526cc8e5e9f32055582efbd616a9964c51dc20f574e2e313f039

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Sep 2022 12:26:49 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://ads.online2pdf.com
content-type: application/json
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 751c783978279b4c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 29AC 0
219 B 91ms
45ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.27.0&cb=62145517492

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Sep 2022 12:26:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://ads.online2pdf.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 29AC 0
279 B 61ms
24ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ads.online2pdf.com
date: Wed, 28 Sep 2022 12:26:48 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
server: envoy
vary: origin, Accept-Encoding

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 29AC 24 B
655 B 61ms
17ms XHR
application/json 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.27.0
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 31f281abd65cf29a41b80902ebd3269442bbcc64a651b2cd8f187f817c694d64

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Sep 2022 12:26:49 GMT
pod: X-Sovrn-Pod: ad_ap5ams1
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://ads.online2pdf.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 82A9 19 B
509 B 67ms
67ms XHR
application/json 52.28.133.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.27.0&referrer=https%3A%2F%2Fonline2pdf.com%2F&tmax=1000

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.133.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-133-239.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:49 GMT
accept-ch: sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ads.online2pdf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ Frame 82A9 171 B
560 B 190ms
112ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:48 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ads.online2pdf.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 82A9 4 KB
3 KB 255ms
211ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=433180&zone_id=2477104&size_id=2&alt_size_ids=55&rp_schain=1.0,1!publift.com,01G47GECJV6Y4SCXCV15STK2KH,1,,,&rf=https%3A%2F%2Fonline2pdf.com%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=e771c272-5c6f-45d1-a712-e4c607d0aa61&l_pb_bid_id=77ae9a4132b303&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7477695432684766
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4053e941aa88ffa1b3934bdf273a499d492d87b90908f0bfa524d869c872d77f

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 12:26:49 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://ads.online2pdf.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1774
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 82A9 24 B
655 B 43ms
15ms XHR
application/json 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.27.0
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 69e130f045116af9a6a6f1a1df90081c8a3d6615982920d7001c5f08a8a72683

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Sep 2022 12:26:49 GMT
pod: X-Sovrn-Pod: ad_ap5ams1
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://ads.online2pdf.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

POST
H2 200 v2 Show response
i.connectad.io/api/ Frame 82A9 60 B
372 B 83ms
82ms XHR
application/json 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2359cd310e9753bef21875b03da1ba2ef2119719e6d86a55a35496bb76609c3a

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Sep 2022 12:26:49 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://ads.online2pdf.com
content-type: application/json
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 751c783978359b4c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 82A9 19 B
706 B 70ms
52ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 12:26:49 GMT
AN-X-Request-Uuid: e1653b09-89c4-4fa2-a8a9-7bd6fbbaa7d2
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ads.online2pdf.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 82A9 0
118 B 84ms
83ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ads.online2pdf.com
date: Wed, 28 Sep 2022 12:26:49 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
publift-d.openx.net/w/1.0/ Frame 82A9 72 B
147 B 21ms
21ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://publift-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fonline2pdf.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=e771c272-5c6f-45d1-a712-e4c607d0aa61%2Ce771c272-5c6f-45d1-a712-e4c607d0aa61&nocache=1664368009196&schain=1.0%2C1!publift.com%2C01G47GECJV6Y4SCXCV15STK2KH%2C1%2C%2C%2C&aus=728x90%2C970x90%7C728x90%2C970x90&divids=fuse-slot-22757043374-1%2Cfuse-slot-22757043374-1&aucs=%2C&auid=557545879%2C557545879
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 93d5e9d75affe26a66d55bf548438fb4af829e68f32ae33466aff30398fb0d08

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:49 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ads.online2pdf.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ Frame 82A9 16 B
250 B 90ms
87ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:49 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ads.online2pdf.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Wed, 28 Sep 2022 12:26:49 GMT

POST hb
ssc.33across.com/api/v1/ Frame 82A9 0
0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 82A9 37 B
319 B 52ms
52ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=844728&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2228291e59f21e821%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fonline2pdf.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fonline2pdf.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.27.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fads.online2pdf.com%2Fhorizontal%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2229babd7384cc29%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844728%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844728%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22publift.com%22%2C%22sid%22%3A%2201G47GECJV6Y4SCXCV15STK2KH%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28946bc66a553aa338fb7a08c0750aeddee9b86f01e3f8e9cdbb58b4960e097b

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVKw6lNC14OGWAqHJaxEKxOi2qoaeVD%2B7PDCVZlkot1gRwJemrQm2KbYbnDYS8b0tmAqu%2FF%2BJkQ%2BJ5RIfgneyYd%2FWdBrSnsMFvN5DfbXpe9zX7%2FoJ3pUMlr%2FV%2B49BwJxzJwfAD7c"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://ads.online2pdf.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 751c78398ff5bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 82A9 0
220 B 37ms
30ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.27.0&cb=93936699154

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Sep 2022 12:26:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://ads.online2pdf.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 82A9 0
131 B 24ms
22ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.online2pdf.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ads.online2pdf.com
date: Wed, 28 Sep 2022 12:26:48 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
server: envoy
vary: origin, Accept-Encoding

GET
H2 200 pubads_impl_2022092201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 29AC 379 KB
128 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131358
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 08:36:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 28 Sep 2023 12:07:48 GMT

GET
H2 200 pubads_impl_2022092201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 82A9 379 KB
128 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131358
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 08:36:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 28 Sep 2023 12:07:48 GMT

GET
H2 200 tag Show response
btloader.com/ Frame 29AC 67 KB
12 KB 62ms
20ms Script
application/javascript 2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2825/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7eb29e39ad53cd405d44aa6843c61bf6c341d70e157413cac099adb2a4b4fe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:49 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Sep 2022 11:44:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2484
etag: W/"977b83b54acd14f5420fa9ff09a5a0ac"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5AvsubcDJ5U4XznucwJVHbH8S4i%2BHlpP%2BFZcVCZgOMqMVZ7UNvd%2BpByUhBUG2d%2B2PPGc4XeN46DPj%2FLnXZwocLhivj2sO87PmgnQkl6qza8w2WVX7V82TYzKQBrx1pARmdqKqIJTMPadw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray: 751c783a39c29142-FRA

GET
H2 200 tag Show response
btloader.com/ Frame 82A9 67 KB
12 KB 44ms
21ms Script
application/javascript 2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2825/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7eb29e39ad53cd405d44aa6843c61bf6c341d70e157413cac099adb2a4b4fe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:49 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Sep 2022 11:44:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2484
etag: W/"977b83b54acd14f5420fa9ff09a5a0ac"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGtHMsHNrQLLCU3MxHBKy1iDDeX3qHmFb3GRHbiUI2DezOUveSQRDfGv6trQRqnvagoW84UHM9tyT4xt9UlC5Y0xWFOBWrbwJpV5PGZsOZ9IIkex9hDAT9byP8P5VvNw58o15KD7PuX8GA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray: 751c783a39c59142-FRA

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 82A9 6 KB
3 KB 23ms
8ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding: gzip
via: 1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
date: Wed, 28 Sep 2022 05:40:38 GMT
x-amz-cf-pop: FRA56-P6
age: 24473
x-cache: Hit from cloudfront
last-modified: Mon, 19 Sep 2022 09:37:07 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: _5vjaZ84lWAYzvsjzBxzia76YUOaORmEX2K4IK3Gdz5dUNvIP4B4uA==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 82A9 0
311 B 10ms
10ms XHR
text/plain 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fads.online2pdf.com&pubid=8b48e249-e9e6-4a52-8b48-396ea93403e8
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 10:58:00 GMT
via: 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 5329
x-cache: Hit from cloudfront
access-control-allow-origin: https://ads.online2pdf.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: aruYds5iV7tN7YQJFyHov90QwhbdHbs1HUDcUpLljKRBa6bz3nHaPQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 29AC 6 KB
3 KB 22ms
8ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding: gzip
via: 1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
date: Wed, 28 Sep 2022 05:40:38 GMT
x-amz-cf-pop: FRA56-P6
age: 24473
x-cache: Hit from cloudfront
last-modified: Mon, 19 Sep 2022 09:37:07 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: gTIMaVc0lNjMLUKmI_qZhI4O-yHMGSdghzWf7jlCAo8fZIkcys-kMw==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 29AC 0
311 B 9ms
9ms XHR
text/plain 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fads.online2pdf.com&pubid=8b48e249-e9e6-4a52-8b48-396ea93403e8
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 10:58:00 GMT
via: 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 5329
x-cache: Hit from cloudfront
access-control-allow-origin: https://ads.online2pdf.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: hdlk4ebzon6-LH8sw9NXOuRm1CJeGkaADv6oiY4y1PWm8Kepov4zoA==

GET
H2 200 px.gif
ad-delivery.net/ Frame 29AC 43 B
336 B 61ms
33ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: ads.online2pdf.com
URL: https://ads.online2pdf.com/vertical
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1344993
x-guploader-uploadid: ADPycdvCK7q3Wdt7R9vKSQ60qF2eI0J1BOmfer-V5AEFV3TaCHpHa7CuGA3gUPG-l1aB3_JmybyzxFmidoOtVAbBRskLZJl5aQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iew7BF0mRvJR3V8dpxFK2ZhQ73sm0eaBIRUcwEeHYrgMSOAd1w7qAIt48eQCbkBJmyjVOLX4e8NKh3ZGF4z0wl%2FCMg0WmbaSfZ3evp3FbJEgIC2PS0E1DRnFBmhFPbZtrFOmMhVB%2Fkyf7aj0iw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 751c783aaf27bbfd-FRA
expires: Mon, 12 Sep 2022 23:50:16 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ Frame 29AC 1 KB
664 B 46ms
7ms Image
image/x-icon 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: ads.online2pdf.com
URL: https://ads.online2pdf.com/vertical

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 13:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Sep 2022 13:30:54 GMT

GET
H2 200 px.gif
ad-delivery.net/ Frame 29AC 43 B
872 B 60ms
32ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.12432509965215632
Requested by: Host: ads.online2pdf.com
URL: https://ads.online2pdf.com/vertical
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1344993
x-guploader-uploadid: ADPycdvCK7q3Wdt7R9vKSQ60qF2eI0J1BOmfer-V5AEFV3TaCHpHa7CuGA3gUPG-l1aB3_JmybyzxFmidoOtVAbBRskLZJl5aQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrThs7dHkFJt0cC%2F9x%2FcbxasQqyMRbDO8tP%2FagfaQ3n%2B7xzayJ3Wusndedsl2oVMUSjettPr%2BYQP9XxF19%2FCqG4sx%2BleVY6QgMX9zTRPR7udbnf7gscVxOpUfq7dB12q9%2FRyFaMF1wg24CF%2BrA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 751c783aaf2cbbfd-FRA
expires: Mon, 12 Sep 2022 23:50:16 GMT

GET
H2 200 px.gif
ad-delivery.net/ Frame 82A9 43 B
342 B 65ms
38ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1344993
x-guploader-uploadid: ADPycdvCK7q3Wdt7R9vKSQ60qF2eI0J1BOmfer-V5AEFV3TaCHpHa7CuGA3gUPG-l1aB3_JmybyzxFmidoOtVAbBRskLZJl5aQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUlOMEM3ZXWjpEliXS%2FvL7fb668sdit8Q8O9GAlEVEqjo%2F%2FdDP6Hx%2BHnGkBPXhvpLX9cjYjPb38oqyPNUKJLPJDKoKDpedTjkx37B2m6v0VnE4DwGTynY5oP9J%2BXnPfCHTtS7M2r9I8ocRWbsA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 751c783aaf2fbbfd-FRA
expires: Mon, 12 Sep 2022 23:50:16 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ Frame 82A9 1 KB
165 B 45ms
8ms Image
image/x-icon 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 13:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Sep 2022 13:30:54 GMT

GET
H2 200 px.gif
ad-delivery.net/ Frame 82A9 43 B
336 B 63ms
36ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.17817013904101864
Requested by: Host: ads.online2pdf.com
URL: https://ads.online2pdf.com/horizontal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1344993
x-guploader-uploadid: ADPycdvCK7q3Wdt7R9vKSQ60qF2eI0J1BOmfer-V5AEFV3TaCHpHa7CuGA3gUPG-l1aB3_JmybyzxFmidoOtVAbBRskLZJl5aQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcI8oIFKDphIQqAAJgRtuYxg3BZxbYbnEBeclrzttfTwgeMqi851MN3WOSxSYUld4q7K8muq9OsDAd1rsnFFO2GFTh3YCYCWPM274MU2xFfPKIOfWaJi%2FfyWSfeV10Oorg5%2BIlpNvSYpKWsFRw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 751c783aaf31bbfd-FRA
expires: Mon, 12 Sep 2022 23:50:16 GMT

GET
H2 204 pv Show response
api.btloader.com/ Frame 29AC 0
128 B 145ms
120ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=PX7NsBle1&w=5681095387906048&o=5708166709903360&cv=2.0.10-11-g48983ca&r=false&vr=300x600&pageURL=https%3A%2F%2Fads.online2pdf.com%2Fvertical&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 28 Sep 2022 12:26:49 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 204 pv Show response
api.btloader.com/ Frame 82A9 0
40 B 143ms
120ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=mrOrsC4o&w=5681095387906048&o=5708166709903360&cv=2.0.10-11-g48983ca&r=false&vr=970x120&pageURL=https%3A%2F%2Fads.online2pdf.com%2Fhorizontal&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 28 Sep 2022 12:26:49 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 29AC 107 B
792 B 129ms
41ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ads.online2pdf.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 29AC 107 B
549 B 61ms
21ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ads.online2pdf.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 29AC 56 KB
20 KB 289ms
289ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1590807667526688&correlator=3262194525041409&eid=44772497&output=ldjh&gdfp_req=1&vrg=2022092201&ptt=17&impl=fifs&iu_parts=71161633%3A21681366940%2CONLIN2PDF_online2pdf%2Cconvert_vrec&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C1x1%7C120x600%7C160x600%7C300x250%7C300x600&fluid=height&ifi=1&adks=2227846071&sfv=1-0-38&fsapi=false&prev_scp=hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.03%26hb_adid%3D54aac25414802fa%26hb_bidder%3Drubicon%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0&eri=1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dads.online2pdf.com%26fuse_path%3D%252Fvertical%26fuse_query%3D%26fuse_category%3Dvertical%26fuse_industry%3DIAB19%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D468344c8-51f5-5d65-96da-809cb309524a%26fuse_publication_id%3D13%26FUSE_LOADED_MS%3D0-499%26GPT_READY_MS%3D0-499%26PREBID_READY_MS%3D0-499%26UAM_READY_MS%3D0-499%26CMP_DETERMINED_MS%3Ddisabled%26CMP_JURISDICTION%3Dunknown%26CMP_ALLOW_PERSONAL%3Dtrue%26amznbid%3D0%26amznp%3D0%26GPT_AUCTION_START_MS%3D1000-1499&sc=1&cookie_enabled=1&cdm=ads.online2pdf.com&abxe=1&dt=1664368010154&lmt=1664368010&dlt=1664368008986&idt=275&adxs=90&adys=0&biw=-12245933&bih=-12245933&isw=300&ish=600&scr_x=-12245933&scr_y=-12245933&ucis=9yi9lncuect0&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fads.online2pdf.com%2Fvertical&ref=https%3A%2F%2Fonline2pdf.com%2F&top=https%3A%2F%2Fonline2pdf.com%2F&frm=24&vis=1&psz=300x600&msz=120x0&fws=384&ohw=0&ea=0&ga_vid=261541312.1664368010&ga_sid=1664368010&ga_hid=403927965&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab7f82170eaa6c9db069a9104c4aa62c7b1a96732db38e02043df0add34704ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19997
x-xss-protection: 0
google-lineitem-id: 5976507273
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138388906952
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ads.online2pdf.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 29AC 14 KB
11 KB 80ms
54ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe3d62dfe219dc97ceefbefe6997e8490f02c5938e5f2d54c65d7b08fd5c72b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11237
x-xss-protection: 0

GET
H2 200 container.html Show response
b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C6BB 6 KB
4 KB 64ms
15ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ads.online2pdf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 12:26:50 GMT
expires: Thu, 28 Sep 2023 12:26:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 29AC 87 KB
28 KB 44ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Sep 2022 12:26:50 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 82A9 107 B
165 B 103ms
64ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ads.online2pdf.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 82A9 107 B
165 B 22ms
22ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ads.online2pdf.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 82A9 21 KB
10 KB 278ms
277ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4162321898369777&correlator=333782880780608&eid=31069838&output=ldjh&gdfp_req=1&vrg=2022092201&ptt=17&impl=fifs&iu_parts=71161633%3A21681366940%2CONLIN2PDF_online2pdf%2Cconvert_footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=1&adks=564771284&sfv=1-0-38&fsapi=false&prev_scp=hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D38a59bebd53c5cb%26hb_bidder%3Drubicon%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0&eri=1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dads.online2pdf.com%26fuse_path%3D%252Fhorizontal%26fuse_query%3D%26fuse_category%3Dhorizontal%26fuse_industry%3DIAB19%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D468344c8-51f5-5d65-96da-809cb309524a%26fuse_publication_id%3D13%26FUSE_LOADED_MS%3D0-499%26GPT_READY_MS%3D0-499%26PREBID_READY_MS%3D0-499%26UAM_READY_MS%3D0-499%26CMP_DETERMINED_MS%3Ddisabled%26CMP_JURISDICTION%3Dunknown%26CMP_ALLOW_PERSONAL%3Dtrue%26amznbid%3D0%26amznp%3D0%26GPT_AUCTION_START_MS%3D1000-1499&sc=1&cookie_enabled=1&cdm=ads.online2pdf.com&abxe=1&dt=1664368010199&lmt=1664368010&dlt=1664368009000&idt=285&adxs=121&adys=0&biw=-12245933&bih=-12245933&isw=970&ish=120&scr_x=-12245933&scr_y=-12245933&ucis=og22l3ie0urc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fads.online2pdf.com%2Fhorizontal&ref=https%3A%2F%2Fonline2pdf.com%2F&top=https%3A%2F%2Fonline2pdf.com%2F&frm=24&vis=1&psz=970x120&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=377788892.1664368010&ga_sid=1664368010&ga_hid=1902261157&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626cf96327b5362ab06a6ec60cb1cc2519f7270ed39f0b75cd44a53c1de5180b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9757
x-xss-protection: 0
google-lineitem-id: 5936009707
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138383374729
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ads.online2pdf.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 82A9 15 KB
11 KB 57ms
57ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4234dad73120f3a838b907b33fcfec4e8a4fcfa1ff091e89545d41d439686662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11275
x-xss-protection: 0

GET
H2 200 container.html Show response
e1d1e29d7d0343a5d2667e4a6be02c28.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DD90 6 KB
3 KB 30ms
16ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e1d1e29d7d0343a5d2667e4a6be02c28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ads.online2pdf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 12:26:50 GMT
expires: Thu, 28 Sep 2023 12:26:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 82A9 87 KB
28 KB 19ms
18ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-f94d0ee19c0589142155218cbab526af.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Sep 2022 12:26:50 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9730 15 KB
6 KB 86ms
31ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=online2pdf.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.online2pdf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 12:26:49 GMT
server: Kestrel
server-processing-duration-in-ticks: 958109
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 29AC 88 KB
29 KB 55ms
29ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Sep 2022 12:26:50 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 29AC 17 KB
7 KB 44ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 12:26:50 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 93B7 15 KB
6 KB 48ms
18ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=online2pdf.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.online2pdf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 12:26:49 GMT
server: Kestrel
server-processing-duration-in-ticks: 874422
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 82A9 88 KB
29 KB 39ms
36ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Sep 2022 12:26:50 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 82A9 17 KB
6 KB 56ms
44ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 12:26:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B1C2 13 KB
5 KB 27ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ads.online2pdf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1137
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 12:07:53 GMT
expires: Thu, 28 Sep 2023 12:07:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E91F 783 B
738 B 44ms
21ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dd49ec176bad424e8694e77a1c49ca3e995b745d9b3de92d7724c2a8ff1b8b06

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ynRRAHRG64ou-yI2FlNdqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.online2pdf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ynRRAHRG64ou-yI2FlNdqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 12:26:50 GMT
expires: Wed, 28 Sep 2022 12:26:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

sid Show response
mug.criteo.com/ Frame 93B7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=online2pdf.com&sn=ChromeSyncframe&so=0&topUrl=online2pdf.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=tOQhOHxGZXFEeVc4Q1VFTG5PQnlWejJ4TGNvNkFINW1Vek1DYktoUFMvVWx1MUphQmlLcmV3NVBKR0s5TUxnWXQxMXBQMmljZFRuMDFqMWRiL1VocUovSXhhOTh3NnAzazdvUlRVWjFRRUJ0emVNWS9Jb2ZwS0wzOFJpY1...

425 B
652 B

68ms
14ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=tOQhOHxGZXFEeVc4Q1VFTG5PQnlWejJ4TGNvNkFINW1Vek1DYktoUFMvVWx1MUphQmlLcmV3NVBKR0s5TUxnWXQxMXBQMmljZFRuMDFqMWRiL1VocUovSXhhOTh3NnAzazdvUlRVWjFRRUJ0emVNWS9Jb2ZwS0wzOFJpY1Z3UjJtb1BXdFlraGN5NVdPNFNXbVhyKyt0dVBWZ3hvMHozK0pRQVBmOXFUNmp2aFljcWMramNIY1dyMVRvNVg0Q1RKTUtueE1ManFFdVR4aXZNN3hhdHBvSGZtYnZyWi9zWVFiM2xZMkF3RGlmRGZSbnhnRWozRWhGVDVmZkl1bUJOL0xyZmlYMVJlSkQ4bHpEZDBiUnJaQWhVVWladz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

06008aafe7362327db3b5836326541ca945a3c3d1cd798bbc4e8b6c88f7b4b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:49 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1621161
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=tOQhOHxGZXFEeVc4Q1VFTG5PQnlWejJ4TGNvNkFINW1Vek1DYktoUFMvVWx1MUphQmlLcmV3NVBKR0s5TUxnWXQxMXBQMmljZFRuMDFqMWRiL1VocUovSXhhOTh3NnAzazdvUlRVWjFRRUJ0emVNWS9Jb2ZwS0wzOFJpY1Z3UjJtb1BXdFlraGN5NVdPNFNXbVhyKyt0dVBWZ3hvMHozK0pRQVBmOXFUNmp2aFljcWMramNIY1dyMVRvNVg0Q1RKTUtueE1ManFFdVR4aXZNN3hhdHBvSGZtYnZyWi9zWVFiM2xZMkF3RGlmRGZSbnhnRWozRWhGVDVmZkl1bUJOL0xyZmlYMVJlSkQ4bHpEZDBiUnJaQWhVVWladz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 700335
content-length: 0
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3423 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ads.online2pdf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1137
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 12:07:53 GMT
expires: Thu, 28 Sep 2023 12:07:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F713 783 B
1 KB 23ms
20ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a104beb1874198c45bcae22d88cf72ccbeff4af5ffa06c1a169a97ca0785a72d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wvtXNb7CjpoIZdz5mdOg6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.online2pdf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-wvtXNb7CjpoIZdz5mdOg6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 12:26:50 GMT
expires: Wed, 28 Sep 2022 12:26:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9730
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=online2pdf.com&sn=ChromeSyncframe&so=0&topUrl=online2pdf.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=gsemcXxJeUxyUURtZktXU2VzY25HWUZUS2MvcHp3eFJOVUw4d2JGSzFyOFp6ZW5GOG1naU5HYlJ6OWlsNGM0Q05uV2oxV2NlWE9Ma0h1OE1Ed2ZkbVpqbnlZaG5aWXFVSXJuNjBGVklLTXdINmFVZ3g3SDIzaHI5TjBDdU...

420 B
650 B

50ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=gsemcXxJeUxyUURtZktXU2VzY25HWUZUS2MvcHp3eFJOVUw4d2JGSzFyOFp6ZW5GOG1naU5HYlJ6OWlsNGM0Q05uV2oxV2NlWE9Ma0h1OE1Ed2ZkbVpqbnlZaG5aWXFVSXJuNjBGVklLTXdINmFVZ3g3SDIzaHI5TjBDdUxxZnBIVHp0ZDBYblIrYlFIeW85c1BZZE9qZ2VnUTRpYlk4eTMwZHRxV285MjRxd3dxOU9idGZhc2pKRTB2QktLYzIwWit5NHlkMWJHcmpCb2RUdmlQc2tFQnhKaU1xZktrbnVjOHpBem00UzBaQm5wcUpnZk5YY2lRc21Tdm53TnhOdmE5NUdvVXloRC9BcjExQWoyUkRTQWlpdXY0UT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

147eafe42b127d0adfb12d5ad3c59a47b8e14ecf5dca450784de626ba5d4e345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:49 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1952507
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=gsemcXxJeUxyUURtZktXU2VzY25HWUZUS2MvcHp3eFJOVUw4d2JGSzFyOFp6ZW5GOG1naU5HYlJ6OWlsNGM0Q05uV2oxV2NlWE9Ma0h1OE1Ed2ZkbVpqbnlZaG5aWXFVSXJuNjBGVklLTXdINmFVZ3g3SDIzaHI5TjBDdUxxZnBIVHp0ZDBYblIrYlFIeW85c1BZZE9qZ2VnUTRpYlk4eTMwZHRxV285MjRxd3dxOU9idGZhc2pKRTB2QktLYzIwWit5NHlkMWJHcmpCb2RUdmlQc2tFQnhKaU1xZktrbnVjOHpBem00UzBaQm5wcUpnZk5YY2lRc21Tdm53TnhOdmE5NUdvVXloRC9BcjExQWoyUkRTQWlpdXY0UT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 535991
content-length: 0
expires: 0

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame B1C2 36 KB
16 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 16:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 16:51:22 GMT

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 3423 36 KB
16 KB 25ms
9ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 16:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 16:51:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F713 0
0 42ms
42ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092201&jk=4162321898369777&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E91F 0
0 41ms
40ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092201&jk=1590807667526688&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7775 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEDp-PQ-d3qJekZr20HxhttQu94AzfGooQalxMZdquGwzFvaf_QPLtpuQxCCoQOF_rdO1XYBcigRzuZ8pysgCO_Xs-uLvgtHoTQ4E4DyF2-efv4HBMCLF9-LtMAgbTFf-2Up-ifLCAFFjJPS6fL7Vl5ObGCXzBmoa_7yzzsP2wbodswWTgFJoMDuGQ1hU6i8fuGPO2lwiLj3xS-xCK1B3Pq0PhBXi11gzwKynGIIdlXkXFN9XJlVvp9h2qGUo09xRh5kQ75OAgRhDEBsY3OpDV8r29AcppmRLeOc6SeOYrbr8_HloVuCwnZaT5kT0OBtsv9UmQtwsLp8ptz-xc4dye_uO5u-fU5-zQ1eMmog&sai=AMfl-YSxtiPrRYNNcYD4YMVZvNbqc4z18sG1Ax35SVmA1jbs9amnu4zLNnjMmb7tNAErW-hN2lDQyxyBomhzJ0VDBk1lMex-RTHvPvMDo6ToIGY_AXPZHHO-tbHi_Y047SZ7S_ThPw&sig=Cg0ArKJSzL1vkw09Juv3EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: online2pdf.com
URL: https://online2pdf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Sep 2022 12:26:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7775 140 KB
44 KB 46ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 12:26:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F89D 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVc28DGROV3xcCgCW2wx_HVbgrS1azJHvZzH-1-KHQXIiXIUyEdS8VuWT5rx8Gznej4jsmfP4Tcgg0LCY9rg7OWgtJIIWwVsHYMLLWxCAdVMXhikRM0YrgUveiNr5D-GNi9t6euCFj5i_gZejXdrNjLblOKuI9K09WbNkju_w0bgVlrB2tLufetkzyX_0ubQNx7PvH1YSpFNehmFvgrOTQ5VANJ1rYDOsnS9UTZ4ob4SCVRyZ24_PZibLJeLPflrXv19ZvRJFMV4t0ummQcK7lk_kz489unmQEZ-F1t83x8Agr1mU8anlMphQpb7u7JQNiszVrIR_K1cno961b8MakliqV8kj3qP_3M04-FQ&sai=AMfl-YRnclYm1AkfAApAM8i3wqH9nOtbavt-B8olRiCo-Pg60Hl7gDLqtOzeU_3IkmjXDJMjYROAPIVAALNAMBlMcZ3jAcijeAHER6dD_SsYfo_9qQ&sig=Cg0ArKJSzBhDC3Pro3rPEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: online2pdf.com
URL: https://online2pdf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Sep 2022 12:26:50 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame F89D 26 KB
9 KB 30ms
7ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Sep 2022 12:26:50 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 11797
x-jsd-version: 1.13.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8874
x-served-by: cache-fra19173-FRA
x-jsd-version-type: version
etag: W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F89D 140 KB
44 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 12:26:50 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 29AC 107 B
122 B 38ms
20ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ads.online2pdf.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 29AC 107 B
122 B 37ms
19ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ads.online2pdf.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 29AC 17 KB
9 KB 311ms
310ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1590807667526688&correlator=3262194525041409&eid=44772497&output=ldjh&gdfp_req=1&vrg=2022092201&ptt=17&impl=fifs&iu_parts=71161633%3A21681366940%2CONLIN2PDF_online2pdf%2Cconvert_vrec&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C1x1%7C120x600%7C160x600%7C300x250%7C300x600&fluid=height&ifi=2&adks=2227846071&sfv=1-0-38&rcs=1&fsapi=false&prev_scp=hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.03%26hb_adid%3D54aac25414802fa%26hb_bidder%3Drubicon%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%26in2w_key%3D1%26in2w_key2%3Dnope%2Cbenchmark%26in2w_key3%3Dnop%26in2w_key4%3Dnop%26in2w_key5%3Dbenchmark%26in2w_key6%3D--3---%26in2w_key7%3D1488%26in2w_key8%3D1%26in2w_key9%3Dbenchmark_request%26in2w_key12%3Dbenchmark%26in2w_key15%3Db0%26in2w_key16%3D1%26in2w_keypm%3Dfuse-slot-22756694728-1%26in2w_key9001%3D1&eri=1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dads.online2pdf.com%26fuse_path%3D%252Fvertical%26fuse_query%3D%26fuse_category%3Dvertical%26fuse_industry%3DIAB19%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D468344c8-51f5-5d65-96da-809cb309524a%26fuse_publication_id%3D13%26FUSE_LOADED_MS%3D0-499%26GPT_READY_MS%3D0-499%26PREBID_READY_MS%3D0-499%26UAM_READY_MS%3D0-499%26CMP_DETERMINED_MS%3Ddisabled%26CMP_JURISDICTION%3Dunknown%26CMP_ALLOW_PERSONAL%3Dtrue%26amznbid%3D0%26amznp%3D0%26GPT_AUCTION_START_MS%3D1000-1499&sc=1&cookie=ID%3D551645f215517b5e%3AT%3D1664368010%3AS%3DALNI_MYsDIT4bPGZd3VXm-ER9WvDeVBh6A&cdm=ads.online2pdf.com&abxe=1&dt=1664368010522&lmt=1664368010&dlt=1664368008986&idt=275&adxs=0&adys=0&biw=300&bih=500&isw=300&ish=600&scr_x=0&scr_y=0&ucis=9yi9lncuect0&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fads.online2pdf.com%2Fvertical&ref=https%3A%2F%2Fonline2pdf.com%2F&top=https%3A%2F%2Fonline2pdf.com%2F&frm=24&vis=1&psz=300x600&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=261541312.1664368010&ga_sid=1664368010&ga_hid=403927965&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e2080a3c54a9bbf8c9072c3a795235311ed6a18d7ad8fba3c90491fa0dcf83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9364
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ads.online2pdf.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3423 0
10 B 9ms
8ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hj22Zw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B1C2 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XIJ0DQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7775 0
0 61ms
44ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsup-qh4U6zQdpjLU8rfsMbNYOOGGbNge6whl5MYBWkYUx4c1yJY1H6XQ3R6HXfIyXa1e9kHK3rnCrfqichlax5_GP-YHG0jFRfMsC4cTotxsxDi5jFB9PnFJ2Z_Oy70arSaa8_Nk5tVfBxBndue7suMShQ-6FO6vh_uzdtblbSwB5NG5CZewzeMVBRQ9JiBKLq6uQLfyyAD0HtDCNrUTLqnjijhzpyMH-N85m3o_AyoJN77VkRz08Rj-2erGqaXQa2Rapu1zU7C728hUiZH_3RjntHftarkChPc88OEdFhptZSZVJfmqnIpaonwe0EWYYTpnz2pepOSNoB77tesAKjNndX9Qj4D66PhDleYjYv4&sai=AMfl-YTBHSr73GgnSc11qCKynNd8acDohAQhxdDtZyMusgHoWwd6MRrcrzfBQEfN1MZ9oz3hZr0cnGpVw9yoJsXb6BLbmCfKuXtEmvLgFp0PAKG2fvtLNl1JtO_TrQhicQRrEoj4fQ&sig=Cg0ArKJSzERiyhbN94iDEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Sep 2022 12:26:50 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame F89D 2 KB
2 KB 49ms
14ms Script
application/x-javascript 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvWWpFNVlUWm1aRFl0WWpWbE15MHdOMlF4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwMzI2OTQ3NzkzMzUxMTE0NTYvMTA5NTE3NzAvMTIyNjI4MzMvOS9yTE5JNG1yRUFrSGhQZ2FGdGxZUnlmY0ppUlJEMXlNbUQwMk1qMXN4R1QwLzEvOS8wLzAvMTk3NjQ0My8wLzIxNTU0My8xMjEyOTQ4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDAzMjY5NDc3OTMzNTExMTQ1Ni96cmgvMC81NTU4LzQ0Lzk5OS8yLzJhMDE6NGEwOjJiOjovMC4wMDAvMTY2NDM2ODAwOS8xNjY0MzgwNjA5LzkvMjA4ODQv/sbjqbcTwpaD_wYV8VZbTOhF1MQQ&nodeid=3771&group=zrh&auctionid=4032694779335111456&pbs_auctionid=4032694779335111456&shardkey=4032694779335111456&sid=12262833&cid=10951770&bp=a_bcjjjd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.88&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe41131d9-6dc7-440c-9709-254090a767e0%2F
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.365.0 /
Resource Hash: f7b1a8136794d4ef80777aeeda3b082ac4149bba0722e69abdf97aacf212f031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:50 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1664368009
Last-Modified: Wed, 28 Sep 2022 12:26:49 GMT
Server: MMBD/3.365.0
x-mm-latency: 1 (1)
Content-Type: application/x-javascript; charset=UTF-8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: zrh-router-x77, zrh-bidder-x157
Connection: close
x-mm-lag: 1
Expires: Wed, 28 Sep 2022 12:26:49 GMT

GET
H/1.1 200 e41131d9-6dc7-440c-9709-254090a767e0
beacon-ams3.rubiconproject.com/beacon/d/ Frame F89D 43 B
378 B 97ms
16ms Image
image/avif 2602:803:c003:200::57
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/e41131d9-6dc7-440c-9709-254090a767e0?oo=0&accountId=20884&siteId=433180&zoneId=2477104&sizeId=2&e=6A1E40E384DA563B29A6FBC78B00E82520A7C9B58780C03BFD66708F30217864E684075EFCD4CEC2FB66C9905AAC9DBA5ABF4BC26238BE18F6ABF707DC9E13E3C0E5D1EDC25A02D389B6CEE551F29B8336214A57296834C0D85DF5B1ABBF4EAFCB6A5612D8BF4D49E37E05640868012D59BA0D60DD41213026A63D581BE1CB4E2605645952F60178C619564CE290D216883D2EBD6923FC0E154736BE035E682EC1FC67DEDDB210CAC566ABB4C75D01A09EE877B47245A862

Requested by

Host: online2pdf.com
URL: https://online2pdf.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 12:26:49 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1

200
OK

ck-confirm
tags.mathtag.com/ Frame F89D
Redirect Chain

https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvWWpFNVlUWm1aRFl0WWpWbE15MHdOMlF4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwMzI2OTQ3NzkzMzUxMTE0NTYvMTA5NTE3NzAvMTIyNjI4MzMvOS9yTE...
https://tags.mathtag.com/ck-confirm?bid_id=4032694779335111456&node_id=3771&exch_id=9

49 B
330 B

16ms
15ms

Image
image/gif

185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=4032694779335111456&node_id=3771&exch_id=9
Requested by: Host: ads.online2pdf.com
URL: https://ads.online2pdf.com/horizontal
Protocol: HTTP/1.1
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.365.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:50 GMT
Server: MMBD/3.365.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x84, zrh-bidder-x157
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 28 Sep 2022 12:26:49 GMT

Redirect headers

Date: Wed, 28 Sep 2022 12:26:50 GMT
x-mm-bid-request-time: 1664368009
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: keep-alive
Content-Length: 85
Last-Modified: Wed, 28 Sep 2022 12:26:49 GMT
Server: MMBD/3.365.0
x-mm-latency: 1 (1)
Content-Type: text/html; charset=utf-8
Location: https://tags.mathtag.com/ck-confirm?bid_id=4032694779335111456&node_id=3771&exch_id=9
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x64, zrh-bidder-x157
Keep-Alive: timeout=360
x-mm-lag: 1
Expires: Wed, 28 Sep 2022 12:26:49 GMT

GET
H/1.1 200
OK qu1sjawjblqw Show response
hal9000.redintelligence.net/zone/ Frame F89D 10 KB
3 KB 30ms
7ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/qu1sjawjblqw?subid=&gdpr=0&gdpr_consent=&rnd=4032694779335111456&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:ruc&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4b29c695160fc4eabd320411fd0667f792eed3e0%26mt_aid%3D4032694779335111456%26mt_id%3D10951770%26mt_adid%3D215543%26mt_sid%3D12262833%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddc226334-3d8a-4101-8dc9-0bd384945aea%26mt_cid%3Ddc226334-3d8a-4101-8dc9-0bd384945aea%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe41131d9-6dc7-440c-9709-254090a767e0%2F%26redirect%3D
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 534f07537c6ccd03f8ac72904861056804bf61cb068cab6bc6c452f6247df687

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:50 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2956
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame F89D 49 B
330 B 29ms
14ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=4032694779335111456&node_id=3771&exch_id=9
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvWWpFNVlUWm1aRFl0WWpWbE15MHdOMlF4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwMzI2OTQ3NzkzMzUxMTE0NTYvMTA5NTE3NzAvMTIyNjI4MzMvOS9yTE5JNG1yRUFrSGhQZ2FGdGxZUnlmY0ppUlJEMXlNbUQwMk1qMXN4R1QwLzEvOS8wLzAvMTk3NjQ0My8wLzIxNTU0My8xMjEyOTQ4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDAzMjY5NDc3OTMzNTExMTQ1Ni96cmgvMC81NTU4LzQ0Lzk5OS8yLzJhMDE6NGEwOjJiOjovMC4wMDAvMTY2NDM2ODAwOS8xNjY0MzgwNjA5LzkvMjA4ODQv/sbjqbcTwpaD_wYV8VZbTOhF1MQQ&nodeid=3771&group=zrh&auctionid=4032694779335111456&pbs_auctionid=4032694779335111456&shardkey=4032694779335111456&sid=12262833&cid=10951770&bp=a_bcjjjd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.88&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe41131d9-6dc7-440c-9709-254090a767e0%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.365.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:50 GMT
Server: MMBD/3.365.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x74, zrh-bidder-x157
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 28 Sep 2022 12:26:49 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame F89D 43 B
405 B 59ms
21ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=4032694779335111456&v3=1212948&v4=12262833&v5=10951770&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvWWpFNVlUWm1aRFl0WWpWbE15MHdOMlF4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwMzI2OTQ3NzkzMzUxMTE0NTYvMTA5NTE3NzAvMTIyNjI4MzMvOS9yTE5JNG1yRUFrSGhQZ2FGdGxZUnlmY0ppUlJEMXlNbUQwMk1qMXN4R1QwLzEvOS8wLzAvMTk3NjQ0My8wLzIxNTU0My8xMjEyOTQ4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDAzMjY5NDc3OTMzNTExMTQ1Ni96cmgvMC81NTU4LzQ0Lzk5OS8yLzJhMDE6NGEwOjJiOjovMC4wMDAvMTY2NDM2ODAwOS8xNjY0MzgwNjA5LzkvMjA4ODQv/sbjqbcTwpaD_wYV8VZbTOhF1MQQ&nodeid=3771&group=zrh&auctionid=4032694779335111456&pbs_auctionid=4032694779335111456&shardkey=4032694779335111456&sid=12262833&cid=10951770&bp=a_bcjjjd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.88&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe41131d9-6dc7-440c-9709-254090a767e0%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4505 5b23575 master cdg-pixel-x30 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:50 GMT
Server: MT3 4505 5b23575 master cdg-pixel-x30 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 28 Sep 2022 12:26:49 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame F89D 49 B
330 B 40ms
13ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=4032694779335111456&st=12262833&time=1664368010&nodeid=3771
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvWWpFNVlUWm1aRFl0WWpWbE15MHdOMlF4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwMzI2OTQ3NzkzMzUxMTE0NTYvMTA5NTE3NzAvMTIyNjI4MzMvOS9yTE5JNG1yRUFrSGhQZ2FGdGxZUnlmY0ppUlJEMXlNbUQwMk1qMXN4R1QwLzEvOS8wLzAvMTk3NjQ0My8wLzIxNTU0My8xMjEyOTQ4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDAzMjY5NDc3OTMzNTExMTQ1Ni96cmgvMC81NTU4LzQ0Lzk5OS8yLzJhMDE6NGEwOjJiOjovMC4wMDAvMTY2NDM2ODAwOS8xNjY0MzgwNjA5LzkvMjA4ODQv/sbjqbcTwpaD_wYV8VZbTOhF1MQQ&nodeid=3771&group=zrh&auctionid=4032694779335111456&pbs_auctionid=4032694779335111456&shardkey=4032694779335111456&sid=12262833&cid=10951770&bp=a_bcjjjd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.88&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe41131d9-6dc7-440c-9709-254090a767e0%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.365.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:50 GMT
Server: MMBD/3.365.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x84, zrh-bidder-x157
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 28 Sep 2022 12:26:49 GMT

GET
H/1.1

200
OK

request.php Show response
hal90002.redintelligence.net/ Frame F89D
Redirect Chain

https://hal90002.redintelligence.net/request.php?zone=qu1sjawjblqw&nw=20&renderingType=javascript&namespace=c604559ecf&subid=&uid=17f4cad8900f48b4&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90002.redintelligence.net/request.php?zone=qu1sjawjblqw&nw=20&renderingType=javascript&namespace=c604559ecf&subid=&uid=17f4cad8900f48b4&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

610 B
936 B

69ms
56ms

Script
application/x-javascript

46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request.php?zone=qu1sjawjblqw&nw=20&renderingType=javascript&namespace=c604559ecf&subid=&uid=17f4cad8900f48b4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4b29c695160fc4eabd320411fd0667f792eed3e0%26mt_aid%3D4032694779335111456%26mt_id%3D10951770%26mt_adid%3D215543%26mt_sid%3D12262833%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddc226334-3d8a-4101-8dc9-0bd384945aea%26mt_cid%3Ddc226334-3d8a-4101-8dc9-0bd384945aea%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe41131d9-6dc7-440c-9709-254090a767e0%2F%26redirect%3D&documentReferer=https%3A%2F%2Fads.online2pdf.com%2Fhorizontal&ancestorOrigins=https%3A%2F%2Fads.online2pdf.com%2Chttps%3A%2F%2Fonline2pdf.com&random=7495568107553&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: ads.online2pdf.com
URL: https://ads.online2pdf.com/horizontal
Protocol: HTTP/1.1
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: bbb52455daaa0cfec5dc3ca2d65d98f49a7b1b9bb34a94bd5886b4650ab9e9da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 12:26:50 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 34319500076036305369359012096002
Connection: close
Content-Length: 330
Expires: Wed, 28 Sep 2022 13:26:50 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 12:26:50 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=qu1sjawjblqw&nw=20&renderingType=javascript&namespace=c604559ecf&subid=&uid=17f4cad8900f48b4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4b29c695160fc4eabd320411fd0667f792eed3e0%26mt_aid%3D4032694779335111456%26mt_id%3D10951770%26mt_adid%3D215543%26mt_sid%3D12262833%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddc226334-3d8a-4101-8dc9-0bd384945aea%26mt_cid%3Ddc226334-3d8a-4101-8dc9-0bd384945aea%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe41131d9-6dc7-440c-9709-254090a767e0%2F%26redirect%3D&documentReferer=https%3A%2F%2Fads.online2pdf.com%2Fhorizontal&ancestorOrigins=https%3A%2F%2Fads.online2pdf.com%2Chttps%3A%2F%2Fonline2pdf.com&random=7495568107553&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Wed, 28 Sep 2022 13:26:50 +0200

GET
H/1.1 200
OK request_content.php Show response
hal90002.redintelligence.net/ Frame 3CE7 7 KB
3 KB 20ms
7ms Document
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request_content.php?s=34319500076036305369359012096002&a=8afebb5e
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=qu1sjawjblqw&nw=20&renderingType=javascript&namespace=c604559ecf&subid=&uid=17f4cad8900f48b4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4b29c695160fc4eabd320411fd0667f792eed3e0%26mt_aid%3D4032694779335111456%26mt_id%3D10951770%26mt_adid%3D215543%26mt_sid%3D12262833%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddc226334-3d8a-4101-8dc9-0bd384945aea%26mt_cid%3Ddc226334-3d8a-4101-8dc9-0bd384945aea%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe41131d9-6dc7-440c-9709-254090a767e0%2F%26redirect%3D&documentReferer=https%3A%2F%2Fads.online2pdf.com%2Fhorizontal&ancestorOrigins=https%3A%2F%2Fads.online2pdf.com%2Chttps%3A%2F%2Fonline2pdf.com&random=7495568107553&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: fc2802e972e8444657a9ed6ce56e959156a22a1fd1f599a8121ec838db83d806

Request headers

Referer: https://ads.online2pdf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2309
Content-Type: text/html; charset=utf-8
Date: Wed, 28 Sep 2022 12:26:50 GMT
Expires: Wed, 28 Sep 2022 13:26:50 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 4599 281 B
573 B 44ms
7ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: ads.online2pdf.com
URL: https://ads.online2pdf.com/horizontal
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ads.online2pdf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 28 Sep 2022 12:26:50 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F89D 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQ6TZTouW-UxcIPpA0ahUMPrMXALVaEPmwgfeX65BL_DK3UnrusKuHYKkM9WG0egRxoJ4gAh1J6MckeV0xkGv-PXbxUCxJ054KuAMWePe2QC78RXF32YB-MvbBFF2iEuDk2I_A4YSFQKVkDCWnN2NkZakwtUSZaVehX_eW9rpkQzc3qp_eM-vDkdzJQO2r55CTabwvzWI_zYfZcwvs20lwVug4UH4l3JInjQucDDOVzXize-1HccomyKZy4E2RFAvp-VGcqdaDUp1NeZVGQUzehXWxYr3LWfOGCGe3XJdZFeCN19LGmGH19oJPWnX0z7JDFswJTlzvWsqeygNaikP3sOc4nKjOlekhe4RxurkG&sai=AMfl-YQxV80Cu4vlFDco5QYcjrTnEfeg3DIPXj00Gi292J5OtNz8iNZ5Jhh9nmYWjT4YI_fB1_wkhSMhBU6pgpLdrs2RbJ2Wsn8e5zQwPne-ap90YA&sig=Cg0ArKJSzIISrTpZP8u2EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Sep 2022 12:26:50 GMT

GET
DATA 200
OK truncated
/ Frame F89D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bd1a2961a1e6b3f1b16af85e1c3828d83585c5bc91cab286ef3ad57819a531d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 3CE7 89 KB
32 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=34319500076036305369359012096002&a=8afebb5e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 23:48:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 23:48:04 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 3CE7 745 B
941 B 136ms
30ms Script
text/javascript 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=57961627;click=https%3A%2F%2Fhal90002.redintelligence.net%2Fc%2Fp9qoiknyfs0944f%3Ftprde%3D

Requested by

Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=34319500076036305369359012096002&a=8afebb5e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ef4e531bd658e50fcaeee96dd8ee85c19da4277fac1a29db4f0028483a329dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 548
expires: -1

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4599 31 KB
10 KB 7ms
7ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=10065
Connection: keep-alive
Content-Length: 9421
Expires: Wed, 28 Sep 2022 15:14:35 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 7775 0
0

GET
H3 200 container.html Show response
b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C195 6 KB
3 KB 25ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ads.online2pdf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 12:26:50 GMT
expires: Thu, 28 Sep 2023 12:26:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK viewability Show response
hal90002.redintelligence.net/ Frame 3CE7 0
150 B 21ms
8ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/viewability?s=34319500076036305369359012096002&a=38a5496b&vb=m
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=34319500076036305369359012096002&a=8afebb5e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/request_content.php?s=34319500076036305369359012096002&a=8afebb5e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:50 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F65E 624 B
733 B 49ms
25ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO67DRD40Y2QAxjJ8fPCATAB&v=APEucNUddOjksGiPNiv94houdW7Mlqy2_mGBhlsPTnZhLbYND491vmCuV3O5An6UgnC1dD8DyEC4JgzPw7UQlq0QtYhxYHdou5BfjYz5ugN0v6GlXCdAxyFMQzSDNiBAhsO9H9Xd_o47IL8OeyVshZcz6U4FEaIEB1nE_GstGebsu2sAkbrdwsM

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 12:26:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C195 80 KB
33 KB 77ms
55ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cs7PKr8w5q_uEF1wL_hTZVRFeJQlHeMrXwFU_nAa1GG06h2RLXqptU3yrvmDQLIlExsyrLtrx9hewE7MVbi9Qok_vTWg&cry=1&dbm_d=AKAmf-BlKh7RReZKWXff-w3t11cor6y7orHm4xR5oYNncHdBYLNZpQjdtF7gJt_5amcV-5ovcJrS1lIsyfYFqMetmx93th-j6dzpSo925z7M7nW8UO2b94JTno5PoGg67hYmqSZfKVHcdJ-hBD3U1LXdEdfB845LTUN4hdeNjYZdkOTIALw_230_3g1fvZ4PSfa04p9pA0QpVc254F2E1B-jiToQ15DKx9ksYTd0uprVnvnjQS7HS7Huhj4oNxP4fNefPeUay5CDol0nxSbmiPCGbVOb45TVXvQuOS5z0FDgcY3_-PAssFNhjKwELGcBfC2edBPn1kU0NE9gtxZ1i6a1ifeTZUOtpHgY7xPxbbptmJ7pfUmuRHQvBQpc4hsobiqOUYOpD7YWZuZwIf5MssgcVCqpR9GrT2qdhjJaMuazxXpVC_022qMwRhp3ax7bg0jVz8jzieTUWAoI1JYP88GksfWOWeKc3XefhAPibmt2AEXUeKacV5w0LkTecWJq92Joetzn8Hgldgznl3UjCdxuYVOmhlaerAPgqsCRoq6AKGgOAQUw1A-YOhg7gS-Dj92ewnb3fSf8rEGTxxElpbxnu3AzzFFUuKPHToNo3-dNuIyhQTTykkwXOuFQJGYYKNMLRxCqaOLYx5Xy8c58mOZwAnXaET1Bua82hjI7z1-Phus2WaWZ5TaiDjon5z6GEYx-oNr_q6jsb3VSPp5uqkuxXZjt8lhwgyPQ1LRfTZMkGjDHwlDaPKpZniPrU_hiDO1jEj_aWaI-2wRhQYC_qsGlymqX_Rjz0_WowhxFCyAKmO8LZba2gBYaAKvt5niVAsG0_p6RWIieSOehga_jSzKzItObSR2SimIN8hIKQ9e7pa-Eh5ojWTIvoZ5XmABqV-KoCN5wUqPxx0RGhUQQQgNm5YRYju40OlsUH7MWoWGKTEFVwc3SYdSQEsDXXMaukyds1OrhkY4EnbIllNohk3Iy652QaR0HWtx71cnun7v76d6qI9twDxJERWWRIzmYpijAM9OKCC04UXKOfSeC3GtC2aW4cc_4Cc5g7sVR-SPRf-CT77Di_uz_vy9U7C6w5fsUp9gIB2VmMhZFJCLHYzae73tktAfVNhuHAWXn_Ctq8hEmDxmbhyLUiqmxUn0Djwr-SBbOkUkuAnxoSvPAyNLvu18z7OkAIACLcgn4zgxst5J01J5ulPMifvCdeXqPR26Kox8g_poT683pZACeuQNcpxnQs4Ju5mMhYSBuutUEc_ssMUPtpG-aosXYwE3EPdnKvI_D0VPxCYAFGk69Z5-DC-t5TWjsPkbZ1ScGjNiigjouw9lGV-pX25v9CjElvRz-N-q6V7-0fShuztYYtPrB8pbs6sR6z6wgj6j_45w-z6AEm8qEbgKTxTK3rSOgBuLZ9LL4izIjJEWabi4UDKJ2JBwfS4AVj4Q-TbO7u3BMEd6rRxAEUZXC9IwR32Bso9MSm31y6u3Vi4bQAUPVN8YCd0tra8A7KxGsKWjaHZKk9WTYia40VeYMtAtPVHJoQmKWGofG2jKSK1kM7FoMtfDWjmMp3MVJybkUK-e3nL5hgxVzb6MulcI8JlHcbjDU-4CVorJPL5yGxQYbkOP81ZaG9SCRPPxcN7XHUhH1LQ5A1oROSw7N0rwOIFjR5nYiYSMlc2TilQae4_TPuJEYnxEXwUXjVg2C_1Aakgb6OmND0slADvfdbx_OmQ-DLJ3WjnpOp0GBiqSb0SN16ecnhvUpL2GT-dB4tLHbkxA7MCfxXMn-EVqM12Xylqygg-oNN6dtlbqVHKyfrmOHFPoxVReTwry9H6ndkcEzokkV1QWhYmLAV_CLkUpymuK-BXy9RnyAsHGuTbsesHQUwxiPOGc_3UFW5Yrw1C2clwtww6ed0go1irnMSPcQRZBnlDsFQuu4iIpmRxW04fIWRk_CFCOt3vMsGQCYjokyPAl5nUCaqEudXb99mdectlRWbjCoLneGl9EHohrEcm6Ima4q7EOziMZb9WDBskBq9cNJVPayUVzdRRMZ_KAqhRD4vWBaPGEaB_KN-uvEV-CJoPAaFpg2-OShglT6mLJCCF9vrzSby8Oylyrr6NqawxBGQ-elNYF85Mcm1FfSm9C9fAImSVTjymMmF9ELQ4iHbHTMiSDrZ_pcuD-LcTs4ebwCf4KQi84fr00T39I_ZZQqfjKK_DMlL2DQ15lcnK-_mkVQTgx_tV14j309a7zfB0IRvbeFLun__qvLAbwclWWMPoHU7etGiXsUVYcI8JlkG6igP0GwWD_lbDShJ10IqVfPZdx5F5jQ1adnl1-nfJu95ynMT3upb90bgHmYXGZTf-nlBa4FxLq3hAe9LcZwWoh5_DdOH0x0j0FoFo57PhS1JUQ0B2_khJ3PJ_1cMLYYy7Hk6CcBVPbu4u2qXeQkH8Loy-9GKGFRM2ECBNOB0dYWmKnxmA8ir4Q6egRr6P51OrACiEW7rtH0ptfVClJ06gZXyDv2_1zsRjdOh35zB5x8_ex41BSYM06N2QKepQ0NmToWj5TtF4nNfB8Zw8-qmAuzjzCn2oRGzOV9WywUq5AbeCSxjf1rhZuyMqj3FbaUn25TMI4rd40u4kfFAEuI8OpXm7NosS3Jnop-sDTEI0VnpSh928fI5c76SihOKC9nBxgwKu6HyNOQJNlZGVozrbysqt6_G1ziQ7OQTK6RS1UwliOQhjhbA-H8QvUTVfonCbOCIRqPGoGQkJ0cJ3hKSaHreMG2D4VSSStQ4sLJ8LHOx2_0PsusLazqMFdJ3TkI_niNSSEqwHZcLCok8d6bVqWHpYHdVCk8b5zHCXueTl6_iHdkoYBV-9vogQ96C0Xbk3ICn-OXkLsCRUp5QOnFJ3rVHNfTTetX4WyMWgO_lFxKsoTwCe8xqtVuCageuKmOVjRoSZKcoHRZn2-IwzbyPe6tBHs4vkNh2mr2iy25GDoeWyZCjmNOQHDc-1uSZxVca1fFEpx2hAVzmsp-CMAkSS0OWtMiRH5lnUuJ_xDZduW0WVkLJ7Z5HmtFHqru4FDo-BkC7w8wGPGct1-IxVplkRqXei38FYCv-HhUEf3tWkzhN9fUahuc_QSDfKhjo88OywYqHc0GUVCYPlA766w4HIoNaans9fS2nwnf1DerDUDHYDpMyYcLXPf537-_5Q&cid=CAASJORo049T_XrZqlTUAoB_LKTyIn82aNOCOeeKMfDaFZRI6dVShA&rfl=2%2Chttps%253A%252F%252Fonline2pdf.com%242%2Chttps%253A%252F%252Fads.online2pdf.com%252F%240

Requested by

Host: online2pdf.com
URL: https://online2pdf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab3a2e19743ddbacd0904360a2358b0905342ca98bd5275b0d5e1b18d84bf531

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34016
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C195 42 B
63 B 43ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CedlyKgsocjM9IGLUORxt9iJquUwB7hVXInmkuGg80olZXNQtWlF27FsFfI82whI94MbhOSP6daCdGTI8_gYaKE8-TA5jb6AenKGcF6O9mf2Z3bmQ

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame C195 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 12:22:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame C195 17 KB
7 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 12:16:23 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C195 140 KB
44 KB 43ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 12:26:50 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F65E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEZ4TtT94TznSID9v0RZm4M&google_cver=1

43 B
847 B

118ms
118ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEZ4TtT94TznSID9v0RZm4M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO67DRD40Y2QAxjJ8fPCATAB&v=APEucNUddOjksGiPNiv94houdW7Mlqy2_mGBhlsPTnZhLbYND491vmCuV3O5An6UgnC1dD8DyEC4JgzPw7UQlq0QtYhxYHdou5BfjYz5ugN0v6GlXCdAxyFMQzSDNiBAhsO9H9Xd_o47IL8OeyVshZcz6U4FEaIEB1nE_GstGebsu2sAkbrdwsM
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpFYbAG8%2FkI3O8MyVdcyQ5wJpjA2b%2FPWv2SgOiJif7ahZrf78jvKfPXs6qdmvU%2FpDlLLDiC8BLQWVXmesAxCPTA5dJAGF%2BT44gdg01VMM4QViNOuC92Arj4sBypvEv9LHnb%2B0%2F%2FbXont1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 751c78450bc99119-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEZ4TtT94TznSID9v0RZm4M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F65E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzQ9i1CjukFgEJHFKo2mTQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEZ4TtT94TznSID9v0RZm4M&google_cver=1

43 B
840 B

39ms
39ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEZ4TtT94TznSID9v0RZm4M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO67DRD40Y2QAxjJ8fPCATAB&v=APEucNUddOjksGiPNiv94houdW7Mlqy2_mGBhlsPTnZhLbYND491vmCuV3O5An6UgnC1dD8DyEC4JgzPw7UQlq0QtYhxYHdou5BfjYz5ugN0v6GlXCdAxyFMQzSDNiBAhsO9H9Xd_o47IL8OeyVshZcz6U4FEaIEB1nE_GstGebsu2sAkbrdwsM
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zxds6cTt96iJpXGsQETtJeEK4H0uqbllhUF8GRgL7cNrFkSQKX5Qzfytfp9q0wPQZVIa2wmDT3zYBoMyDAyYeZSgU6Zz4G11RAl2DYC6hId8fTO%2FdM6%2FnuUOv903WIe20fBmSDxL4zdGBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 751c78460df89119-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEZ4TtT94TznSID9v0RZm4M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F65E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESED3SS59JVP2XsQ-hOeeX8jI&google_cver=1

43 B
1010 B

27ms
27ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESED3SS59JVP2XsQ-hOeeX8jI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO67DRD40Y2QAxjJ8fPCATAB&v=APEucNUddOjksGiPNiv94houdW7Mlqy2_mGBhlsPTnZhLbYND491vmCuV3O5An6UgnC1dD8DyEC4JgzPw7UQlq0QtYhxYHdou5BfjYz5ugN0v6GlXCdAxyFMQzSDNiBAhsO9H9Xd_o47IL8OeyVshZcz6U4FEaIEB1nE_GstGebsu2sAkbrdwsM

Protocol

HTTP/1.1

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 12:26:51 GMT
AN-X-Request-Uuid: ece6b742-e8d3-43ae-88a2-537391c89941
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESED3SS59JVP2XsQ-hOeeX8jI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F65E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc3NzM3ODY1NzEzOTgxMTE4NA%3D%3D

170 B
188 B

27ms
20ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc3NzM3ODY1NzEzOTgxMTE4NA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 12:26:51 GMT
AN-X-Request-Uuid: b849c33b-fadb-40d5-a669-9a766abb515a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc3NzM3ODY1NzEzOTgxMTE4NA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 4599
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIP8ckuz2TvtLRNR5CVvKEw&google_cver=1

0
239 B

49ms
11ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIP8ckuz2TvtLRNR5CVvKEw&google_cver=1
Requested by: Host: ads.online2pdf.com
URL: https://ads.online2pdf.com/horizontal
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIP8ckuz2TvtLRNR5CVvKEw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 4599 70 B
265 B 99ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: ads.online2pdf.com
URL: https://ads.online2pdf.com/horizontal
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4599
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzhlNjFlMTVlODQ0MWZkMTJkNmRkZTdlYjhjNTIyMTY0YTIwYzUwYQ

170 B
188 B

36ms
19ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzhlNjFlMTVlODQ0MWZkMTJkNmRkZTdlYjhjNTIyMTY0YTIwYzUwYQ

Requested by

Host: ads.online2pdf.com
URL: https://ads.online2pdf.com/horizontal

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzhlNjFlMTVlODQ0MWZkMTJkNmRkZTdlYjhjNTIyMTY0YTIwYzUwYQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4599
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhMTFFOMTctMTgtN0FOQQ==

170 B
188 B

37ms
21ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhMTFFOMTctMTgtN0FOQQ==

Requested by

Host: ads.online2pdf.com
URL: https://ads.online2pdf.com/horizontal

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhMTFFOMTctMTgtN0FOQQ==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 4599
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/mjJVOL8YIcxUl4aD7EZAEcn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3201031997963443168

0
239 B

10ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3201031997963443168
Requested by: Host: ads.online2pdf.com
URL: https://ads.online2pdf.com/horizontal
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 28 Sep 2022 12:26:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3201031997963443168
content-length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 4599
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8LLQN17-18-7ANA

0
707 B

200ms
169ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8LLQN17-18-7ANA
Requested by: Host: ads.online2pdf.com
URL: https://ads.online2pdf.com/horizontal
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:50 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 7270167A834243609A0213AA2CCBDC6E Ref B: FRAEDGE1318 Ref C: 2022-09-28T12:26:51Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXpu+AUcXWzfFQRqxJ/Cg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8LLQN17-18-7ANA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4599
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dhR7b4mBRIeRtkSbHAglNw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dhR7b4mBRIeRtkSbHAglNw

43 B
479 B

106ms
105ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dhR7b4mBRIeRtkSbHAglNw

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 12:26:51 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CRJRCV4RMARNWJQ5FT4G
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dhR7b4mBRIeRtkSbHAglNw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 4599
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Om4RinT9QTm8pkEs3J0WSQ&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Om4RinT9QTm8pkEs3J0WSQ

43 B
479 B

37ms
37ms

Image
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Om4RinT9QTm8pkEs3J0WSQ

Protocol

HTTP/1.1

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 12:26:51 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RJC39ZQXX9A95J16WWQF
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Om4RinT9QTm8pkEs3J0WSQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 3CE7 33 KB
16 KB 142ms
30ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=57961627;click=https%3A%2F%2Fhal90002.redintelligence.net%2Fc%2Fp9qoiknyfs0944f%3Ftprde%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 141d0c16f846671454c7819c37fafe483ceb63aecb14695abd4a911d67df3d49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 11:10:06 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 29 Sep 2022 15:38:58 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C195 106 KB
38 KB 66ms
8ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: online2pdf.com
URL: https://online2pdf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/
Origin: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 11:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Sep 2022 11:13:47 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/ Frame C195 8 KB
3 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cs7PKr8w5q_uEF1wL_hTZVRFeJQlHeMrXwFU_nAa1GG06h2RLXqptU3yrvmDQLIlExsyrLtrx9hewE7MVbi9Qok_vTWg&cry=1&dbm_d=AKAmf-BlKh7RReZKWXff-w3t11cor6y7orHm4xR5oYNncHdBYLNZpQjdtF7gJt_5amcV-5ovcJrS1lIsyfYFqMetmx93th-j6dzpSo925z7M7nW8UO2b94JTno5PoGg67hYmqSZfKVHcdJ-hBD3U1LXdEdfB845LTUN4hdeNjYZdkOTIALw_230_3g1fvZ4PSfa04p9pA0QpVc254F2E1B-jiToQ15DKx9ksYTd0uprVnvnjQS7HS7Huhj4oNxP4fNefPeUay5CDol0nxSbmiPCGbVOb45TVXvQuOS5z0FDgcY3_-PAssFNhjKwELGcBfC2edBPn1kU0NE9gtxZ1i6a1ifeTZUOtpHgY7xPxbbptmJ7pfUmuRHQvBQpc4hsobiqOUYOpD7YWZuZwIf5MssgcVCqpR9GrT2qdhjJaMuazxXpVC_022qMwRhp3ax7bg0jVz8jzieTUWAoI1JYP88GksfWOWeKc3XefhAPibmt2AEXUeKacV5w0LkTecWJq92Joetzn8Hgldgznl3UjCdxuYVOmhlaerAPgqsCRoq6AKGgOAQUw1A-YOhg7gS-Dj92ewnb3fSf8rEGTxxElpbxnu3AzzFFUuKPHToNo3-dNuIyhQTTykkwXOuFQJGYYKNMLRxCqaOLYx5Xy8c58mOZwAnXaET1Bua82hjI7z1-Phus2WaWZ5TaiDjon5z6GEYx-oNr_q6jsb3VSPp5uqkuxXZjt8lhwgyPQ1LRfTZMkGjDHwlDaPKpZniPrU_hiDO1jEj_aWaI-2wRhQYC_qsGlymqX_Rjz0_WowhxFCyAKmO8LZba2gBYaAKvt5niVAsG0_p6RWIieSOehga_jSzKzItObSR2SimIN8hIKQ9e7pa-Eh5ojWTIvoZ5XmABqV-KoCN5wUqPxx0RGhUQQQgNm5YRYju40OlsUH7MWoWGKTEFVwc3SYdSQEsDXXMaukyds1OrhkY4EnbIllNohk3Iy652QaR0HWtx71cnun7v76d6qI9twDxJERWWRIzmYpijAM9OKCC04UXKOfSeC3GtC2aW4cc_4Cc5g7sVR-SPRf-CT77Di_uz_vy9U7C6w5fsUp9gIB2VmMhZFJCLHYzae73tktAfVNhuHAWXn_Ctq8hEmDxmbhyLUiqmxUn0Djwr-SBbOkUkuAnxoSvPAyNLvu18z7OkAIACLcgn4zgxst5J01J5ulPMifvCdeXqPR26Kox8g_poT683pZACeuQNcpxnQs4Ju5mMhYSBuutUEc_ssMUPtpG-aosXYwE3EPdnKvI_D0VPxCYAFGk69Z5-DC-t5TWjsPkbZ1ScGjNiigjouw9lGV-pX25v9CjElvRz-N-q6V7-0fShuztYYtPrB8pbs6sR6z6wgj6j_45w-z6AEm8qEbgKTxTK3rSOgBuLZ9LL4izIjJEWabi4UDKJ2JBwfS4AVj4Q-TbO7u3BMEd6rRxAEUZXC9IwR32Bso9MSm31y6u3Vi4bQAUPVN8YCd0tra8A7KxGsKWjaHZKk9WTYia40VeYMtAtPVHJoQmKWGofG2jKSK1kM7FoMtfDWjmMp3MVJybkUK-e3nL5hgxVzb6MulcI8JlHcbjDU-4CVorJPL5yGxQYbkOP81ZaG9SCRPPxcN7XHUhH1LQ5A1oROSw7N0rwOIFjR5nYiYSMlc2TilQae4_TPuJEYnxEXwUXjVg2C_1Aakgb6OmND0slADvfdbx_OmQ-DLJ3WjnpOp0GBiqSb0SN16ecnhvUpL2GT-dB4tLHbkxA7MCfxXMn-EVqM12Xylqygg-oNN6dtlbqVHKyfrmOHFPoxVReTwry9H6ndkcEzokkV1QWhYmLAV_CLkUpymuK-BXy9RnyAsHGuTbsesHQUwxiPOGc_3UFW5Yrw1C2clwtww6ed0go1irnMSPcQRZBnlDsFQuu4iIpmRxW04fIWRk_CFCOt3vMsGQCYjokyPAl5nUCaqEudXb99mdectlRWbjCoLneGl9EHohrEcm6Ima4q7EOziMZb9WDBskBq9cNJVPayUVzdRRMZ_KAqhRD4vWBaPGEaB_KN-uvEV-CJoPAaFpg2-OShglT6mLJCCF9vrzSby8Oylyrr6NqawxBGQ-elNYF85Mcm1FfSm9C9fAImSVTjymMmF9ELQ4iHbHTMiSDrZ_pcuD-LcTs4ebwCf4KQi84fr00T39I_ZZQqfjKK_DMlL2DQ15lcnK-_mkVQTgx_tV14j309a7zfB0IRvbeFLun__qvLAbwclWWMPoHU7etGiXsUVYcI8JlkG6igP0GwWD_lbDShJ10IqVfPZdx5F5jQ1adnl1-nfJu95ynMT3upb90bgHmYXGZTf-nlBa4FxLq3hAe9LcZwWoh5_DdOH0x0j0FoFo57PhS1JUQ0B2_khJ3PJ_1cMLYYy7Hk6CcBVPbu4u2qXeQkH8Loy-9GKGFRM2ECBNOB0dYWmKnxmA8ir4Q6egRr6P51OrACiEW7rtH0ptfVClJ06gZXyDv2_1zsRjdOh35zB5x8_ex41BSYM06N2QKepQ0NmToWj5TtF4nNfB8Zw8-qmAuzjzCn2oRGzOV9WywUq5AbeCSxjf1rhZuyMqj3FbaUn25TMI4rd40u4kfFAEuI8OpXm7NosS3Jnop-sDTEI0VnpSh928fI5c76SihOKC9nBxgwKu6HyNOQJNlZGVozrbysqt6_G1ziQ7OQTK6RS1UwliOQhjhbA-H8QvUTVfonCbOCIRqPGoGQkJ0cJ3hKSaHreMG2D4VSSStQ4sLJ8LHOx2_0PsusLazqMFdJ3TkI_niNSSEqwHZcLCok8d6bVqWHpYHdVCk8b5zHCXueTl6_iHdkoYBV-9vogQ96C0Xbk3ICn-OXkLsCRUp5QOnFJ3rVHNfTTetX4WyMWgO_lFxKsoTwCe8xqtVuCageuKmOVjRoSZKcoHRZn2-IwzbyPe6tBHs4vkNh2mr2iy25GDoeWyZCjmNOQHDc-1uSZxVca1fFEpx2hAVzmsp-CMAkSS0OWtMiRH5lnUuJ_xDZduW0WVkLJ7Z5HmtFHqru4FDo-BkC7w8wGPGct1-IxVplkRqXei38FYCv-HhUEf3tWkzhN9fUahuc_QSDfKhjo88OywYqHc0GUVCYPlA766w4HIoNaans9fS2nwnf1DerDUDHYDpMyYcLXPf537-_5Q&cid=CAASJORo049T_XrZqlTUAoB_LKTyIn82aNOCOeeKMfDaFZRI6dVShA&rfl=2%2Chttps%253A%252F%252Fonline2pdf.com%242%2Chttps%253A%252F%252Fads.online2pdf.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:19:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 12:19:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame C195 30 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11724
x-xss-protection: 0
server: cafe
etag: 16554960040364120486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 12:25:18 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C195 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 11:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 11:09:50 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4AC3 1 KB
749 B 8ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11006
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 09:23:25 GMT
etag: 48472445140208031
expires: Thu, 29 Sep 2022 09:23:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C195 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b089909ab9eeb6d026c3bbdbcec2132003a8719e6564978b6dc7288dc6eeee5c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3216 22 KB
8 KB 17ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 103046
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 07:49:25 GMT
expires: Wed, 27 Sep 2023 07:49:25 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4AC3 35 B
463 B 40ms
9ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEFm10riyKCK3cld7OsGMaM&google_cver=1&google_push=AZmPxg-U0CTX4j9XDj4_px22xvy6DjkVO-4DoIVYCvpKrnaI0Qw8rGBs4mrlXtzf_JQYtUfaH5wLubSQLLe3eU4EaY2MhyH1eh94

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4AC3
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDgsBKTaf-ZKxnNZx7nHyOI&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDgsBKTaf-ZKxnNZx7nHyOI&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RU1hR2VWQWwxT0R3OWw1&google_gid=CAESEDgsBKTaf-ZKxnNZx7nHyOI&google_cver=1&google_push=AZmPxg8bQM1S9a3jrHyyA9Ag5Tt8EBV9rv8iMBJshxnl_bQ...

170 B
188 B

22ms
21ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RU1hR2VWQWwxT0R3OWw1&google_gid=CAESEDgsBKTaf-ZKxnNZx7nHyOI&google_cver=1&google_push=AZmPxg8bQM1S9a3jrHyyA9Ag5Tt8EBV9rv8iMBJshxnl_bQ_3WQqoQgIS1EqDAT_iJQXJANYZNV0t-N8DL6APpfWf4sNUrknhkdk

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 12:26:50 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-099f432ee1f2aa78b@us-west-2a@dxedge-app-us-west-2-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RU1hR2VWQWwxT0R3OWw1&google_gid=CAESEDgsBKTaf-ZKxnNZx7nHyOI&google_cver=1&google_push=AZmPxg8bQM1S9a3jrHyyA9Ag5Tt8EBV9rv8iMBJshxnl_bQ_3WQqoQgIS1EqDAT_iJQXJANYZNV0t-N8DL6APpfWf4sNUrknhkdk
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4AC3
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJEWEAe5O6A7y8-vSW2BDYc&google_cver=1&google_push=AZmPxg9ehLURFbQOY7rWIfVOm7ThVDYu3aTh9qRUyuI451t5zhHWcNvryqQpI_sa_MAt5RmGHB599tvaxzfaWuCwAU68WathtW9e
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BC4D423C13474BAF973226A9856689FB&google_push=AZmPxg9ehLURFbQOY7rWIfVOm7ThVDYu3aTh9qRUyuI451t5zhHWcNvryqQpI_sa_MAt5RmGHB599tvaxzfaWuC...

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BC4D423C13474BAF973226A9856689FB&google_push=AZmPxg9ehLURFbQOY7rWIfVOm7ThVDYu3aTh9qRUyuI451t5zhHWcNvryqQpI_sa_MAt5RmGHB599tvaxzfaWuCwAU68WathtW9e

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 28 Sep 2022 12:26:51 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BC4D423C13474BAF973226A9856689FB&google_push=AZmPxg9ehLURFbQOY7rWIfVOm7ThVDYu3aTh9qRUyuI451t5zhHWcNvryqQpI_sa_MAt5RmGHB599tvaxzfaWuCwAU68WathtW9e
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 27 Sep 2022 12:26:51 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4AC3
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDNOVikbiunTDlycPX9pA3E&google_cver=1&google_push=AZmPxg8v2Yu8jUpEPVM-LVf4qgrnNOHFcKov6GIQud4zX58wiUWsAbwVohr07Pi_EC3MYmX8ulU6RDRjz8vLdCqN94IXsJb...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDNOVikbiunTDlycPX9pA3E&google_cver=1&google_push=AZmPxg8v2Yu8jUpEPVM-LVf4qgrnNOHFcKov6GIQud4zX58wiUWsAbwVohr07Pi_EC3MYmX8ulU6RDRjz8vLdCqN94IXs...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg8v2Yu8jUpEPVM-LVf4qgrnNOHFcKov6GIQud4zX58wiUWsAbwVohr07Pi_EC3MYmX8ulU6RDRjz8vLdCqN94IXsJbN7xY

170 B
188 B

21ms
20ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg8v2Yu8jUpEPVM-LVf4qgrnNOHFcKov6GIQud4zX58wiUWsAbwVohr07Pi_EC3MYmX8ulU6RDRjz8vLdCqN94IXsJbN7xY

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg8v2Yu8jUpEPVM-LVf4qgrnNOHFcKov6GIQud4zX58wiUWsAbwVohr07Pi_EC3MYmX8ulU6RDRjz8vLdCqN94IXsJbN7xY
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4AC3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJigKy6M0C26ANCtzz4O4JY&google_cver=1&google_push=AZmPxg9kSsbXVI8KRDNt8B1uKVmWvSpfoON0ZsbAtks4b6R-IMPsZiB14WVxRleITM2_SNUd90...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJigKy6M0C26ANCtzz4O4JY&google_cver=1&google_push=AZmPxg9kSsbXVI8KRDNt8B1uKVmWvSpfoON0ZsbAtks4b6R-IMPsZiB14WVxRleITM2_SNUd90...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS05cjE3Y0FsRTJ1RU8xcDRkeWMwNzBjbzNTSklUbGJ5bn5B&google_push=AZmPxg9kSsbXVI8KRDNt8B1uKVmWvSpfoON0ZsbAtks4b6R-IMPsZiB14...

170 B
188 B

19ms
19ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS05cjE3Y0FsRTJ1RU8xcDRkeWMwNzBjbzNTSklUbGJ5bn5B&google_push=AZmPxg9kSsbXVI8KRDNt8B1uKVmWvSpfoON0ZsbAtks4b6R-IMPsZiB14WVxRleITM2_SNUd90QGrIJgBSKEkQSf0MbALb2gQZLrMQ

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS05cjE3Y0FsRTJ1RU8xcDRkeWMwNzBjbzNTSklUbGJ5bn5B&google_push=AZmPxg9kSsbXVI8KRDNt8B1uKVmWvSpfoON0ZsbAtks4b6R-IMPsZiB14WVxRleITM2_SNUd90QGrIJgBSKEkQSf0MbALb2gQZLrMQ
date: Wed, 28 Sep 2022 12:26:51 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 4AC3
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMcPKBU6ZcQbdWz3Dn4iasE&google_cver=1&google_push=AZmPxg8OKoN9uYOM-AeCX6x_fSXJMTbBE3dgkJxCiIwp6YT2XWe92Mzi5nFLYTp2Z7Ey2XTG6r3aIG13atP...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8OKoN9uYOM-AeCX6x_fSXJMTbBE3dgkJxCiIwp6YT2XWe92Mzi5nFLYTp2Z7Ey2XTG6r3aIG13atPA-P9vzRcTYa8t7jg24g
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

8ms
8ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4AC3
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHeg54ATzRZkqEXnNU8RLuk&google_cver=1&google_push=AZmPxg96uN1Hkyant...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTc3NzM3ODY1NzEzOTgxMTE4NA%3D%3D&google_gid=CAESEHeg54ATzRZkqEXnNU8RLuk&google_cver=1&google_push=AZmPxg96uN1HkyantgkV7u4zgqoy54zJGj...

170 B
188 B

19ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTc3NzM3ODY1NzEzOTgxMTE4NA%3D%3D&google_gid=CAESEHeg54ATzRZkqEXnNU8RLuk&google_cver=1&google_push=AZmPxg96uN1HkyantgkV7u4zgqoy54zJGjzAwEJ2i3mLOI8fdR7h-v7NRFa2fozrvouYsZQ8z4bVxjXkVpezNsbdxADGVdJQm7lxtA

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 12:26:51 GMT
AN-X-Request-Uuid: c26ab501-c8ee-40c0-95ac-9588f18e4366
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTc3NzM3ODY1NzEzOTgxMTE4NA%3D%3D&google_gid=CAESEHeg54ATzRZkqEXnNU8RLuk&google_cver=1&google_push=AZmPxg96uN1HkyantgkV7u4zgqoy54zJGjzAwEJ2i3mLOI8fdR7h-v7NRFa2fozrvouYsZQ8z4bVxjXkVpezNsbdxADGVdJQm7lxtA
Connection: keep-alive
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4AC3 0
12 B 23ms
19ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IAJ8dRSwhvXDUzH8iI7tPJelbd-TV0U4lZZO7jSV2sJk5yAyBft9efSrtyTRpWy2Y16W0dfgkX

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14430504287777466289/ Frame D825 107 KB
20 KB 29ms
12ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14430504287777466289/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1ab316bf64f21d71f8d304220dc9607846b8f3d8d19c732ac37629c9122b237

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 425560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 20565
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 14:14:11 GMT
expires: Sat, 23 Sep 2023 14:14:11 GMT
last-modified: Mon, 21 Feb 2022 17:43:22 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C195 0
622 B 117ms
62ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvfqigJpjnUDNdYZKjHK6oFzIqriIiftg7JVWXdASST7BO7YKi0mJ75HNDS660ZSzJtq_us_MmVEilYwvRuQLlBgPJQ_BkRJ-RgJyoZRdXgdSkpPfwnQWv88fU9ywRKqe1tgSv20voKDptsocZuM12VuWtb2CuX1lnuZj-jxcLFWYPdHbj5tFgjSvLNA04dt1CdvOBGNFesTqlGdCDAfdfubxVpzqhq21O__0OVmH969io5tqdwRw0RGwPwquThCKfQUjQz4Yvk20rOu2CfDgC8onMdE2dsp9ZoIhRsL2jAehAncKEgyudIZqmBv2yJQFoBqkUhuTAXTcZEzXMMLTuM-fTaF0u-XrX0fsRMPh12RqvNXe22UxG0izaub1hjtGQt-GcdcL2XVWieRW9_sh5L-EnAPb-lmcGkQmK2o5B1GsqSGKhPoGyN4PuBK5dbMZ0VXN9r93Gv19NYiM9DUGfPg96seV3x8Ns5XLa02k_iRrYVwdnT3_s9dm3cND4ac2mipAwL4su7qBlmioHB6feJnnI9nMG88JkpIV97rZDMSU7n294nb6FOXTt6fwWtif0mHNpXl4qdDYirZnSwi3vap2IiXdmxXG5TaV1hcb2WIngxoLDUSaZr5iRpfES4nbIoc1pq_a0XXmVy-xH4wapabGfTAoEuW7ZIlfU_04mnx8uJslB2nrNcIl92ARSNK3cjyyOON66Ic4X99bxVaxV4YZ30qwYYJGfGJfSAQX4FJ50koKuj18c005h24_-hoRICDGfDC7wkss1SBgzV6lGnySqMOBZv4RBA5wFx0QmMj-kviwfzWtvvo0nb1EoyWdIvhyYO8kvMvtJVoHmPnCjjve7Fqa5zYzejBai4nk-D-dV0PdDyIDwz1drvFrGVi6uqGK0vkh7rn0dQEebbu8FerEpFraEiTFQfYngUEPhLDI2VikU-SikQHp5cmCpls62ZSOZ3TjWCpLYk520rVow0wddLVTqQpqJO3XAs7uF8aftbA_nAvQI4n0nP1lYJyDFn4VKCSB5OFd_o94S-2qcQINVAeKR5eTKpL2Blctq7HqCSLRG1aRSEPz8VlB8A0JD-YmKLsavKv5UV4KK0ftZQrt3vwWcZDe7sQ0pvcoygU4KpOQOlNfdu2g2t__DbAz6Rn2nC7PMyePoVbErIZjqO3sLeMlnnYM9_O5HtGISu4IJ_wzDuy5-2_fgaAGeU8lN_b-j01_h5fC9Bj95IJatYdz8&sai=AMfl-YRKv2_zURMgd2nzWSYq0Ch1zSfQDsVdyF5pRQSeY-M4OdoZrEB7CWVoRn0KOtTIlFrad7XHo9cD6jG2BRD5EGynlSADYlngq9ICY8XWViyDAmpiFAVQFWNeyi7923Kvw3pBsAtHV5l4JwDpPlg0k9f6HwxWZ-okfzk88OfwGWnLSNNt9mp6LY-8SYrI_RD5lQoqJRhWuzrXB3HBbnYBqT3A&sig=Cg0ArKJSzONpOtGcTlDYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=91&cbvp=1&cstd=87&cisv=r20220922.51974&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: online2pdf.com
URL: https://online2pdf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 28 Sep 2022 12:26:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 3216 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 16:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 16:51:22 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame D825 29 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14430504287777466289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14430504287777466289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 21:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Sep 2022 21:22:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 82A9 0
0 45ms
44ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092201&jk=4162321898369777&bg=!ExClEFTNAAYIxsuQKMY7ACkAdvg8WmtfRUlAzH12BGWL7szNQ7GTZMLFDkZwx7uwGOOl4Kn5RB1zdgIAAADgUgAAAAFoAQcKAFJe9mOBUDk9KU6F2crv-UjUNgy6LsJxd1ezj4RQa9GeMr8EZzenKcFZlqCVRyLktyTGtS2goc06CqnFApO-2JK4BKV6l_Yvs9J59mIxFEMHd4UAmQK7iK3GuAy2_N4x_JyoAEnCVOjqw5TJ9EnRa5vvMdmccEbeCHSTs144uRSKFus8pOGl1PKKt09bgG1t2qBqZ8Ao2tu_8dnwPcIj2h_uNhuUPNPZj3Uzm2wy6v3JGq--NX47m3hS-tbuogQNpw7Y9Gd0oRuXzaUAzdv3MyJRKvt8qyl3gqQypcPVis8ah5efSTNMwKKPb9oXNicnKD337q9h1BTbuc-boUGkCjZour7y6_dNrycuv-tKmjIUcL0tYYkyws47ENQu6gd0c7hj7Gni_BxL-SthjFVfwzkUsu1DJFYyZ11VkJtvef6gG-J8yK-6mRVL9GxEq21ITmZ59eYtcOa4M-Kxfce4HZISg__dyM5zRrTs2nWlTh-3p3Og79ke2INScQdiWOs_BruY4VlAB-VIX2uKXhk_hDPK3GGFUEGZUjC9z3uY2AUOBlOV-oALXedVsPwis2sWTb0l9KdJEOMPgEg5v-3ZCpw5iwWr27_b6L42Uv7MRtIt2B_l33cBaQtZr9jFKJs9dTmrpCmDNbyEne8ORgLM_SEiiGU6NHkiuzEvAeHUIRFMdPAFgWzPalZQAHj4oHf80uwxamSUAPzvoU9mY3hGq5tD7Bg3V74nxeOXwUk3442RJFII-fevU5l3H89HN4pQp_lI7yNqtx2gEmAb3VHqsM8uMbWL3ZsmXGj0nF3IjovJOuYOO8qa5Ital-c8pnRKv0p56D2n019U6ndY5gnKPW1eh8KlBsEz94_1AsA5VM4G96FwKmMfgeAk49mWVEZO259KIDatLawnObWuP_TFCQfxrVKsjVG7LkCPATAa7pd2snUKh7p1jxfVLjvyfePb1fsE7XaK6w6QmNW1z_XPPHbctATXazlhQklUnrxUfGdIg53t7kdlAh10n3YVkYxcEBovMWa8ddTH_aU9jsedrgi3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 29AC 0
0 44ms
44ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092201&jk=1590807667526688&bg=!ERKlElbNAAYIxsuQKMY7ACkAdvg8WhU3nvWGDg6I6lO1RkfhZqoD639LoQxlk4QayCQZtoG3nikPfwIAAADaUgAAAANoAQeZAsIm78ZwFRHiGYmksormBOj_1sOV4MPSnZ4K8vaFVNxQ7hGUZzo52nul3omDDd0j3P-swsZAVj1vGvcTqAEBI9tv75Em6odme6LZ0xemTdLpWGh7Qrr-cFCGnFalKKC8zlv2Ighv0-G7RkD-ZCceCSH7Ms2eJBW1Fmsb8hDM1cS7RsQXRhM3gTAHSbmiXclH8uAg7RSPe9-XeXpVSwbJ_u3u2EQMyqBpCR31giM2AnHf_4z6VcNxmDsXCpfp1we2eFvAJrG0Hjh9UGRm7ktWPLQOcMEEBEagIzhQ4BSM0c5O_rG__mSMtXLMP1K4-OEsLUwgM9nK6L6dyqHYvLTrDUM7qFaSH3zjolmSfj5Ivbcdxw6XkN0O0GNbSCCGgnryrYKzje1Siv-Nff6RxY8ksywb728BML_97-EvpjzVmTPkBxHHQz2L4X4tsGltiGQ8dSRIKCEulSEQW3m1SO0hhDbLx8v_S_vxEJcWwK5VOb6LsoMpKri5Lyq6JHVf-kFDd42YB7b2yDzuF0GgFwkvFRtXUYIUdGdAZVclnYr-lbPQCdtKKZMwNKJBshpfyOqXIOubJwZuaomj38M2lDs_qCax30PaAJcMb7J_iAlUDbQGZqVgvmhoBUMe8591WpH5mxrq5-FwuHf6BdXPEBt4-ZhkUWgAXO6-0j8DjLx50kbov7NPph8jOZffLJSbR_uuVkSfqLiGP5k_Ap4HEnLa3JYPrw3R6F-7OcZ6kxiOQZpBIhuXxSyNCbBlSQMf8MtD2dGJiqLsu9M-EGhU5o6Ub-lBOANr3MQ71xDUIvd4CTWP4wg16M5ai7u_c2dsgtOxGm8cv9cO3zhQ6O2DQ6rhvq7OJAchnT7YWwp0IAShRUV5bsvMvSSncOzfPe2VKL_6jHH9wgnVddaFAm0PRWpRovpt-0xUKVOTtu4LKg7Fr3CB559l
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 3CE7 4 KB
2 KB 32ms
31ms Script
text/javascript 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=57961627;click=https%3A%2F%2Fhal90002.redintelligence.net%2Fc%2Fp9qoiknyfs0944f%3Ftprde%3D;js=1;adfxid=1x;10116;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fonline2pdf.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fafc955bc45056ee5ec1ced950940159610ed7e8ce62d1364526c8cf5ec89f38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1986
expires: -1

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C195 0
63 B 53ms
52ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvfqigJpjnUDNdYZKjHK6oFzIqriIiftg7JVWXdASST7BO7YKi0mJ75HNDS660ZSzJtq_us_MmVEilYwvRuQLlBgPJQ_BkRJ-RgJyoZRdXgdSkpPfwnQWv88fU9ywRKqe1tgSv20voKDptsocZuM12VuWtb2CuX1lnuZj-jxcLFWYPdHbj5tFgjSvLNA04dt1CdvOBGNFesTqlGdCDAfdfubxVpzqhq21O__0OVmH969io5tqdwRw0RGwPwquThCKfQUjQz4Yvk20rOu2CfDgC8onMdE2dsp9ZoIhRsL2jAehAncKEgyudIZqmBv2yJQFoBqkUhuTAXTcZEzXMMLTuM-fTaF0u-XrX0fsRMPh12RqvNXe22UxG0izaub1hjtGQt-GcdcL2XVWieRW9_sh5L-EnAPb-lmcGkQmK2o5B1GsqSGKhPoGyN4PuBK5dbMZ0VXN9r93Gv19NYiM9DUGfPg96seV3x8Ns5XLa02k_iRrYVwdnT3_s9dm3cND4ac2mipAwL4su7qBlmioHB6feJnnI9nMG88JkpIV97rZDMSU7n294nb6FOXTt6fwWtif0mHNpXl4qdDYirZnSwi3vap2IiXdmxXG5TaV1hcb2WIngxoLDUSaZr5iRpfES4nbIoc1pq_a0XXmVy-xH4wapabGfTAoEuW7ZIlfU_04mnx8uJslB2nrNcIl92ARSNK3cjyyOON66Ic4X99bxVaxV4YZ30qwYYJGfGJfSAQX4FJ50koKuj18c005h24_-hoRICDGfDC7wkss1SBgzV6lGnySqMOBZv4RBA5wFx0QmMj-kviwfzWtvvo0nb1EoyWdIvhyYO8kvMvtJVoHmPnCjjve7Fqa5zYzejBai4nk-D-dV0PdDyIDwz1drvFrGVi6uqGK0vkh7rn0dQEebbu8FerEpFraEiTFQfYngUEPhLDI2VikU-SikQHp5cmCpls62ZSOZ3TjWCpLYk520rVow0wddLVTqQpqJO3XAs7uF8aftbA_nAvQI4n0nP1lYJyDFn4VKCSB5OFd_o94S-2qcQINVAeKR5eTKpL2Blctq7HqCSLRG1aRSEPz8VlB8A0JD-YmKLsavKv5UV4KK0ftZQrt3vwWcZDe7sQ0pvcoygU4KpOQOlNfdu2g2t__DbAz6Rn2nC7PMyePoVbErIZjqO3sLeMlnnYM9_O5HtGISu4IJ_wzDuy5-2_fgaAGeU8lN_b-j01_h5fC9Bj95IJatYdz8&sai=AMfl-YRKv2_zURMgd2nzWSYq0Ch1zSfQDsVdyF5pRQSeY-M4OdoZrEB7CWVoRn0KOtTIlFrad7XHo9cD6jG2BRD5EGynlSADYlngq9ICY8XWViyDAmpiFAVQFWNeyi7923Kvw3pBsAtHV5l4JwDpPlg0k9f6HwxWZ-okfzk88OfwGWnLSNNt9mp6LY-8SYrI_RD5lQoqJRhWuzrXB3HBbnYBqT3A&sig=Cg0ArKJSzONpOtGcTlDYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=205&vt=11&dtpt=114&dett=3&cstd=87&cisv=r20220922.51974&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: online2pdf.com
URL: https://online2pdf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 CTA.png
s0.2mdn.net/sadbundle/14430504287777466289/ Frame D825 2 KB
2 KB 14ms
12ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14430504287777466289/CTA.png

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c68060e7d5e06313031bde36d13ce808b02db86dc4184dfcf4fb3c877e21f8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14430504287777466289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:14:11 GMT
x-content-type-options: nosniff
age: 425560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1929
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Sep 2023 14:14:11 GMT

GET
H3 200 SL_02.png
s0.2mdn.net/sadbundle/14430504287777466289/ Frame D825 1 KB
1 KB 29ms
27ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14430504287777466289/SL_02.png

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27200809b75c97e4571b315dcf68fd8d0830f16fdc79862762794831bf068683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14430504287777466289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:14:11 GMT
x-content-type-options: nosniff
age: 425560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1354
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Sep 2023 14:14:11 GMT

GET
H3 200 SL_01.png
s0.2mdn.net/sadbundle/14430504287777466289/ Frame D825 2 KB
2 KB 30ms
28ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14430504287777466289/SL_01.png

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c596a08ddf23301fd6d0298e72d53d64eb0923df409134412d41845bec268ab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14430504287777466289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:14:11 GMT
x-content-type-options: nosniff
age: 425560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2277
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Sep 2023 14:14:11 GMT

GET
H3 200 HL_03.png
s0.2mdn.net/sadbundle/14430504287777466289/ Frame D825 2 KB
2 KB 29ms
28ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14430504287777466289/HL_03.png

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ca80703b128a6700e07dba69884b9c8d9a35c5d40e6609b30ff2fc51ac057cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14430504287777466289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 12:16:37 GMT
x-content-type-options: nosniff
age: 432614
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2179
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Sep 2023 12:16:37 GMT

GET
H3 200 HL_02.png
s0.2mdn.net/sadbundle/14430504287777466289/ Frame D825 2 KB
2 KB 28ms
26ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14430504287777466289/HL_02.png

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed8adef3a2a95e288547fe7eea06970b3bb39999fe8259ad900d7b68618a05a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14430504287777466289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:14:11 GMT
x-content-type-options: nosniff
age: 425560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2323
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Sep 2023 14:14:11 GMT

GET
H3 200 HL_01.png
s0.2mdn.net/sadbundle/14430504287777466289/ Frame D825 1 KB
1 KB 26ms
25ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14430504287777466289/HL_01.png

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eb3aa45ab179e35b6023a61798c19fd507a192fe05a7698124847bbe22a51ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14430504287777466289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:14:11 GMT
x-content-type-options: nosniff
age: 425560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Sep 2023 14:14:11 GMT

GET
H3 200 Engel.png
s0.2mdn.net/sadbundle/14430504287777466289/ Frame D825 17 KB
17 KB 15ms
14ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14430504287777466289/Engel.png

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e6b9a5c603b16cd6c01216241a2d3295fa4e281d794b556d154f0976bdbb5ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14430504287777466289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:14:11 GMT
x-content-type-options: nosniff
age: 425560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17656
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Sep 2023 14:14:11 GMT

GET
H3 200 Logo.png
s0.2mdn.net/sadbundle/14430504287777466289/ Frame D825 5 KB
5 KB 26ms
24ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14430504287777466289/Logo.png

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

314dcc269abda99c85ec7206d8503c53975120bd30063fc80993c27c6e669709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14430504287777466289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:14:11 GMT
x-content-type-options: nosniff
age: 425560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4875
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Sep 2023 14:14:11 GMT

GET
H3 200 Facette.png
s0.2mdn.net/sadbundle/14430504287777466289/ Frame D825 40 KB
40 KB 17ms
16ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14430504287777466289/Facette.png

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8643dde88644b2c1ba0205306e9fc8a6bbbf0d200d23b472077600346e521050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14430504287777466289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:14:11 GMT
x-content-type-options: nosniff
age: 425560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41152
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Sep 2023 14:14:11 GMT

GET
H3 200 BG.jpg
s0.2mdn.net/sadbundle/14430504287777466289/ Frame D825 50 KB
50 KB 19ms
18ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14430504287777466289/BG.jpg

Requested by

Host: b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
URL: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2795ae4327a336062e1e3a585697e3067ce863f6b62e5bd3f290a52638bd86f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14430504287777466289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:14:11 GMT
x-content-type-options: nosniff
age: 425560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51018
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Sep 2023 14:14:11 GMT

GET
DATA 200
OK truncated
/ Frame 3CE7 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3216 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWVTUij00Y-mqOZmI9u8Pz8uysAgAAAAAOAHgBAI&bg=!lZalltLNAAYIxsuQKMY7ACkAdvg8WrYT-BiJrFe2KBgbtcZNUti6xy-pCZS2GAMvOG63n4OPkSbCYQIAAAB1UgAAAAJoAQcKAEidu3QoXUulkIBx-HhXCgRBy0Au4qPigt_a6Dw6FAWg5rNCsoNmPe1mg5Giuk-n8bh6Wbbjf6_ZMR8H-7wgPwLriFyT72nK3yGZAwLcm6vJXxjmsvO6F1MIv2cPd3G0MP66CvWq3vwXasEwHNGm_eSQ9x6g9AKXCKlJ-0VBCQKzt8Z654dz6eo5erPmGt9wo94M-z_AbEvo3kyymvaxHtSu6HxlPQ3hDbOedqAu7EhL2T-pnNwHvRSBXRbNMrcCavL1RgbsUf7yTK3rYkxTlFq0NqZZTCF-dR31-bRue0OzWwoIblOexy_fcOamEa09tT9cMwrvKdHZOLYw8sYTpKDAsKAwb46GA6Uba4aGlG475yc97ixnpFgcfUEhRWkuvaemwOql_PZSxwlEp8a0ezR9uxgdXkmc9QbJOzsjcjGL2XJEWpuANjoIvqkiHHeVPHBW0QeBc1FQL_CpuYxc46scZoQ8woGBz4v4kgKTMXicP2Ebun7DlRqfOPJ7kFWn4NMc-jwNccmGYeCgToayn2buBLvT_UjWc08waNSP_stIXKe6hfJ2kq7YkjGdijdZHwafqmQ9CZFEIJ-uxHToWIUpkEnIKZHbJdIcvAbwNUDZFwCF6QJPTNoyF_ZmdXWfkhit14Fj3Vdbb9K5Hz1_0iRmxQMJuMUcBKvTL9rytLbXILQnMfxPwY-LC8fqcInhKep3If7bt_mLIGkLLqlD5VjmCK_LSCiKgDXodKkYDIHAoaIyJJqXYD5u2Oa4luhzA0nyO7d4qnq998_Dr-upq8ctMIUU7vpMN24aC1PhKXCY57h76ZsQG_c7UNIInJCQwboMzjn8wQ-ggHCpgQlDVYzlAfxN86fTWUlToDhzQn7DUwHn0VD72OzYlXJ4kzXic-WqOuJeGX14qsfmo7gjLv0AqzJ55LOo0mE4W4K2dCDaQyX7KY9tjmLwobl6vFVXjXxI7zMM18zJMCjbtCQSRtzazsDCLfxRy-IyZ6ngEsn7EuGALpsjo20Pn_g8glPJE0zhxTVikRXscNNKiod1z31VbR1t6IkE_JmTAKNfkO0B4x-zdvla9sPhbtKuRSzdTPXkL_ZpuGA14k723pMdoXQVS6lQ6FDGGZfgyKlPnw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 3CE7 90 KB
39 KB 41ms
41ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b7eeadc317a496e1de4fee39506d782aa7279cb5cb0de186bcff680b2f84fee8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 11:10:06 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 29 Sep 2022 15:25:35 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 3CE7 35 B
477 B 31ms
30ms Ping
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=57961627&csi=1YVx_kvcLekXAXDhSqPjqroYLaiX4agw7B5MdXPbS5brygPkIxxfk1f9phiyXjl1WTF-RYMXX6bIh9VST4o2fN6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal90002.redintelligence.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://hal90002.redintelligence.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 11733190.js Show response
s1.adform.net/Banners/Elements/Files/160090/11733190/ Frame B710 3 KB
1 KB 29ms
29ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11733190/11733190.js?ADFassetID=11733190&bv=259
Requested by: Host: online2pdf.com
URL: https://online2pdf.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 7f2ad132f916983bac0d58e89d6c85d79db494ab392b30d56811aff567c3042a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 12:39:37 GMT
server: nginx
x-amz-request-id: tx000004160edfeffcf925e-006334378c-3292f8ba-default
etag: W/"2faa228ab5994960963c283486cde247"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 screen.css
s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/ Frame B710 1 KB
953 B 29ms
26ms Stylesheet
text/css 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/screen.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 66ea9c52ed69efb333f3c36548e4614e1b26905035e53244c366654ab7fffb9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 12:39:37 GMT
server: nginx
x-amz-request-id: tx0000070adf47a966516bb-006334378c-3292a873-default
etag: W/"f4982eadaacc73986294a47f631c0257"
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame B710 30 KB
14 KB 37ms
32ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 12:02:22 GMT
server: nginx
x-amz-request-id: tx00000b783a7136a900f90-006334288b-3292a873-default
etag: W/"4731aef0a5114a59b4311776d270e848"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 introfill.png
s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/ Frame B710 103 B
431 B 38ms
34ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/introfill.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee6d3b54a9065c8ff1c55528d83a8b11aa932915d3004f3dab2c5355027bbf3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
last-modified: Tue, 13 Sep 2022 12:39:37 GMT
server: nginx
x-amz-request-id: tx0000080b83846fa0ea773-006334378c-3292f8ba-default
etag: "eeb9c35d55092b02bf5fa183ecd734f8"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 103

GET
H2 200 text0.png
s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/ Frame B710 5 KB
5 KB 38ms
34ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/text0.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 07773674da8a5d7de6575be849321af69c60333d821b2e531b8b6aad8cb8deba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
last-modified: Tue, 13 Sep 2022 12:39:37 GMT
server: nginx
x-amz-request-id: tx0000025029edd0a0dac24-006334378c-3292d378-default
etag: "b40bca9f571a135a168188a0310caad3"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4939

GET
H2 200 text1.png
s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/ Frame B710 15 KB
15 KB 43ms
39ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/text1.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: fb7c2fff4cb42aa2f4f547e435d841022952c37543989cc61a24ece01e7d2d7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
last-modified: Tue, 13 Sep 2022 12:39:37 GMT
server: nginx
x-amz-request-id: tx00000b4b70e46693afa6f-006334378c-3292f941-default
etag: "94d0e9e5af6b03f8a3eaa1dcb4209c45"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15326

GET
H2 200 text2.png
s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/ Frame B710 8 KB
8 KB 44ms
40ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/text2.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 81b6d1d4428514a7a5e5dc8aefac11104b3a350a3efeee2fb6deb0a5a45569c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
last-modified: Tue, 13 Sep 2022 12:39:37 GMT
server: nginx
x-amz-request-id: tx000004f78c0f043a42f22-006334378c-3292ab66-default
etag: "7a7ca5a51e29dc28e156d11865588954"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7909

GET
H2 200 stoerer.png
s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/ Frame B710 17 KB
18 KB 48ms
44ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/stoerer.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 364687382a6a909cebd2560c9707f56fac2bb86b84e366f2f3434be67f6b647f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
last-modified: Tue, 13 Sep 2022 12:39:37 GMT
server: nginx
x-amz-request-id: tx00000a9861d9b21ed9ae1-006334378c-3292f8ba-default
etag: "8857759293335af79cf37778a772115f"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 17693

GET
H2 200 disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/ Frame B710 1 KB
2 KB 49ms
45ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/disclaimer.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 87b9fa7efc94c1145c336dfa8e5b245461d0d2c950996f9b0f0e8ccea0289b72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
last-modified: Tue, 13 Sep 2022 12:39:37 GMT
server: nginx
x-amz-request-id: tx000001c93479d2038aafd-006334378c-3292f941-default
etag: "701af2831904f4feadb64c35b985edeb"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1283

GET
H2 200 date.png
s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/ Frame B710 4 KB
4 KB 50ms
46ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/date.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 08ae6dd6bedd2dc7770da26afd27546c0a9da08885545afb3c17fe799ee26891

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
last-modified: Tue, 13 Sep 2022 12:39:37 GMT
server: nginx
x-amz-request-id: tx00000347f53c9d4af4f89-006334378c-3292f941-default
etag: "6dc1941c6f5cd5984b39e45392f694d2"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4023

GET
H2 200 cta.png
s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/ Frame B710 2 KB
2 KB 55ms
52ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/cta.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 35ab3aecb266f9e403b061790293e55996a1ba684db1f078c181e93f3455e119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
last-modified: Tue, 13 Sep 2022 12:39:37 GMT
server: nginx
x-amz-request-id: tx0000035c62ec47538ccc1-006334378c-3292f8ba-default
etag: "c04ff1373bee8e2c82393e972928be3f"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1745

GET
H2 200 logostart.png
s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/ Frame B710 5 KB
5 KB 60ms
57ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/logostart.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f324377940583ba7a0f81123404cc032334edf5ace8e9f5d58da1cc340e41027

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
last-modified: Tue, 13 Sep 2022 12:39:37 GMT
server: nginx
x-amz-request-id: tx00000aea3b78d4242f614-006334378c-3292d378-default
etag: "0539ca6530d6756126aee292b52e0cf8"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4815

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/ Frame B710 4 KB
4 KB 61ms
58ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/logo.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: c5d9f11f95196250f6797acef21bd147fe22a802940735d88ac2a7a9308247ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
last-modified: Tue, 13 Sep 2022 12:39:37 GMT
server: nginx
x-amz-request-id: tx00000e246ac019276372b-006334378c-3292f941-default
etag: "926213b1f44a9786a29d0fa8b723023f"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3791

GET
H2 200 model.jpg
s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/ Frame B710 9 KB
9 KB 63ms
61ms Image
image/jpeg 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/model.jpg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8b1d9340eccc886f08b2f3b02675b424f45863321e53d7f04bf8b64ede36cc2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
last-modified: Tue, 13 Sep 2022 12:39:37 GMT
server: nginx
x-amz-request-id: tx00000df6fe7c059f3f4d2-006334378c-3292f941-default
etag: "d01dbf544d6187b62332444035791eff"
x-cache-status: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9352

GET
H2 200 background.jpg
s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/ Frame B710 9 KB
9 KB 65ms
63ms Image
image/jpeg 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/background.jpg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8b1d9340eccc886f08b2f3b02675b424f45863321e53d7f04bf8b64ede36cc2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
last-modified: Tue, 13 Sep 2022 12:39:37 GMT
server: nginx
x-amz-request-id: tx000008bb2a938ce3f2eaa-006334378c-3292ab66-default
etag: "d01dbf544d6187b62332444035791eff"
x-cache-status: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9352

GET
H2 200 CSSPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame B710 38 KB
14 KB 40ms
19ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 9656149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13669
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-9833"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tw95Ckp4cMJjjkKBVBQmdtKZWVzh%2FXQfvqscJ6eSGW0TYalXAq0Xfo9TH%2FJuXvfoxILoEp6w1CUfG5N%2Bh7i3ZhJoK5CEh5nijAzyOSoyIxpM%2BDOzQ9pHPvy%2FWOPvtAxbLwZXRE9wNz%2BRJFpbUdw8hiaO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 751c78480f6b5bf1-FRA
expires: Mon, 18 Sep 2023 12:26:51 GMT

GET
H2 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame B710 5 KB
2 KB 37ms
17ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6022571
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1730
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-146f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhNS7llfasS59hUgzjG6zocz3rkvsvhycEKa3z5NDQiMCrBkinZEBBL9kPF8xk5z6%2Bswry5ajtFVcNsPsWetzIzBLk%2FEIeygXBVPsRSHLRSn%2FQ3VmxjZs2ql7HwWpsPbsgq%2Btzuayt8PjXeV%2BfjtAp6N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 751c78480f6c5bf1-FRA
expires: Mon, 18 Sep 2023 12:26:51 GMT

GET
H2 200 TweenLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame B710 26 KB
9 KB 45ms
24ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 10950105
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8578
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-697f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyQ0nriEcfhJ0vkhUhOmLtDpfQKKvHjyJOIdzv2HbXrkx9RJ0680tpL9XKzL1rKF%2BJktuCKLCSbiYVoqpyhWO0aK122tBmpnQX8T83AJPeASf67benpwqxw6pRtlO1KqJAePNIAbnRj%2FyBl8oQoV9Fel"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 751c78480f6d5bf1-FRA
expires: Mon, 18 Sep 2023 12:26:51 GMT

GET
H2 200 script.js Show response
s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/ Frame B710 9 KB
2 KB 35ms
33ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/11733190/bvpath_259/script.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.222/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3541b8f5db11161e7f1dcab52ed4d1416aafcb9537cbd07e2ef739831325ae35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 12:26:51 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 12:39:37 GMT
server: nginx
x-amz-request-id: tx000006e1706599ae95b89-006334378c-32931f44-default
etag: W/"6ed892f3a4196b4f615e3ae9051bcced"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F89D 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuA0LDm0LooHVYy5d5mf9Jwuw1tMQf7BwE-hgDMNjqHVibE5o4EpysqUtLUgAt9Y0XzhXVcyqBmuDmKqZlUSsh2oaPq_GnizDiymoj7VaDHoJTr_Wgg&sig=Cg0ArKJSzPWFkwtb_ZSVEAE&id=lidar2&mcvt=1006&p=0,0,90,728&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=564771284&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664368010498&rpt=306&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.online2pdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90002.redintelligence.net/ Frame 3CE7 0
150 B 28ms
10ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/viewability?s=34319500076036305369359012096002&a=38a5496b&vb=v
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=34319500076036305369359012096002&a=8afebb5e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/request_content.php?s=34319500076036305369359012096002&a=8afebb5e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 12:26:51 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C195 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvzum5KshAGIgODDZt44wQzylYcql0-EC_iJNEePsgwp2-SYu-Ac3ll4UzbRj-5PW0bJHT3JzBexs-q_NuglTogn_-NwWKIjgOcZjzFt-nsNy4D-7mjP-AdObx&sai=AMfl-YRyqRCMp2xBiyvjdpiY1VezLiETnY-4ZuiXMUF4puztHRkNxOAWorVS2hALFBNBRJEcuSQeMnv23OG2xqLzgtbcBYmaNVuk3dX4LJzcreBA8t4avneU4tTpiQlCiA&sig=Cg0ArKJSzMJP-zKfVJ5IEAE&cid=CAASJORo049T_XrZqlTUAoB_LKTyIn82aNOCOeeKMfDaFZRI6dVShA&id=lidar2&mcvt=1001&p=0,259,40,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2227846071&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664368010857&rpt=175&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 3CE7 35 B
477 B 31ms
30ms Ping
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=7391254409626588601@@57961627,2929305943961275383,100|1200|0|0|0|0|0|0|0||41|1|||||1|0|0|RzWzK5QiYC1cPlakbYq96R3OUFBzlyOM35C56ljbSHP9bk-nVcxSavL_QlhaeLlf0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal90002.redintelligence.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://hal90002.redintelligence.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 3CE7 35 B
477 B 31ms
31ms Ping
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=7391254409626588601@@57961627,2929305943961275383,100|4799|0|0|0|0|0|0|0||164|1|||||1|0|0|RzWzK5QiYC1cPlakbYq96R3OUFBzlyOM35C56ljbSHP9bk-nVcxSavL_QlhaeLlf0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal90002.redintelligence.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 12:26:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://hal90002.redintelligence.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=bqEKQO4DSr7ikurkHcnnVW

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=bqEKQO4DSr7ikurkHcnnVW

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=bqEKQO4DSr7ikurkHcnnVW

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=bqEKQO4DSr7ikurkHcnnVW

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=bqEKQO4DSr7ikurkHcnnVW

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=bqEKQO4DSr7ikurkHcnnVW

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2ei3vmPagZwb2HlnCdzxzuVxLmZqpNE0ut0TlzaKPZ3lYaecUdyhI_LKwKgyS89CAUeP5tMcxsrLi0WnSJMIb09TPgIHsNAltxAai4Iio7wLA9IUX&sig=Cg0ArKJSzLYQ6ltumMUwEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=19&adk=2227846071&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1664368010467&rpt=115&ec=0&met=ce&wmsd=0

Verdicts & Comments Add Verdict or Comment

348 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.online2pdf.com/	1969-12-31 23:59:59	Name: SETTINGS_ID Value: 9e7acf6301c7b3ceb778d075c8ef869c
.online2pdf.com/	1970-01-20 15:05:04	Name: U Value: 8348e051dc6aff30eb1222391ea6baff
.online2pdf.com/	1969-12-31 23:59:59	Name: SESSID Value: 3ruc6rd925gahqpt4eng7pcn66
online2pdf.com/	1970-01-20 15:05:04	Name: disable_privacy_msg Value: 1
.online2pdf.com/	1970-01-20 15:55:28	Name: language Value: de
cdn.fuseplatform.net/	1970-01-20 07:02:40	Name: akacd_online2pdf Value: 1666960009~rv=91~id=98d184ebb78fc2b08b4f3a4991599e76
.prebid.a-mo.net/	1970-01-20 15:05:04	Name: __amc Value: 1_1664368009_1664368009
.rubiconproject.com/	1970-01-20 15:05:04	Name: khaos Value: L8LLQN17-18-7ANA
.rubiconproject.com/	1970-01-20 15:05:04	Name: audit Value: 1\|naVuGyos1qqeCD038xGrNF4C1LCtWBX9mfsNIvv6Qtp0kTU4st2MuU9PtSiFia/Kec3G2UPUlSnkeWyM+uUsHiL5hAXvaZVpn6lrSsNekyw=
.criteo.com/	1970-01-20 15:41:04	Name: uid Value: e08382e6-b29f-42c7-855b-ecaaf821d112
.online2pdf.com/	1970-01-20 15:41:04	Name: cto_bundle Value: HD8s9V9PSmVwdk9mZDMxdkRvbmhnRUp1SDU3NlE2UEM0bFU4UzVvQVprbmc2SEV1b2c5aVglMkJVak5raUNBT1h5cnNYZlk0dFFyeml5ZEkyVUg1Z0g1TmVIZVlaTzJQM3hUazdaZU4wSzFsOWFLaTFNMU9GcmFOd2J5QW1nNG5IZFZ4YmRvZkxXb3hZUWdBUGFOQkpuTG9ZUkdydyUzRCUzRA
.online2pdf.com/	1970-01-20 15:41:04	Name: __gads Value: ID=551645f215517b5e:T=1664368010:S=ALNI_MYsDIT4bPGZd3VXm-ER9WvDeVBh6A
.doubleclick.net/	1970-01-20 15:41:04	Name: IDE Value: AHWqTUkk9M-8T1t_Ak4s8nTK1dryyzldcjCijhsZoiEdbiN5H1H0l5N2tVTlgLerMvk
.mathtag.com/	1970-01-20 15:05:04	Name: uuid Value: dc226334-3d8a-4101-8dc9-0bd384945aea
.redintelligence.net/	1970-01-20 08:29:04	Name: 8lcfmzhxc8d6_uid Value: e6e9b23e83cb5815
.adform.net/	1970-01-20 07:02:40	Name: C Value: 1
.adnxs.com/	1970-01-20 08:29:04	Name: uuid2 Value: 1777378657139811184
.casalemedia.com/	1970-01-20 15:05:04	Name: CMID Value: YzQ9i1CjukFgEJHFKo2mTQAA
.casalemedia.com/	1970-01-20 08:29:04	Name: CMPS Value: 1202
.casalemedia.com/	1970-01-20 08:29:04	Name: CMPRO Value: 1202
.adnxs.com/	1970-01-20 08:29:04	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C''lZZ5y!]tbPl1M>e)ZlrFUfJ+tGXxoyIL(1bZ/uhP?./HxHQI]YG7t%EZf4#J%X%LbbpRzqF1`*b^gp)t+gm
.quantserve.com/	1970-01-20 08:29:04	Name: d Value: ECUBCQGaJ4EA
.quantserve.com/	1970-01-20 15:49:42	Name: mc Value: 63343d8b-171b8-601ac-2c0e7
.simpli.fi/	1970-01-20 15:06:30	Name: suid Value: BC4D423C13474BAF973226A9856689FB
.analytics.yahoo.com/	1970-01-20 15:05:04	Name: IDSYNC Value: 18yx~27f0
.yahoo.com/	1970-01-20 15:05:25	Name: A3 Value: d=AQABBIs9NGMCEC4nJRA4w3934L3bpuN2QqoFEgEBAQGPNWM-YwAAAAAA_eMAAA&S=AQAAAie-G3j7tDAK_k6-EzFISOo
.de17a.com/	1970-01-20 14:57:52	Name: guid Value: 1.5192177055899327124
.adform.net/	1970-01-20 07:45:55	Name: uid Value: 7391254409626588601
.adform.net/	1970-01-20 06:29:32	Name: TPC Value: 1664368011190
.casalemedia.com/	1970-01-20 08:29:04	Name: CMTS Value: 5152
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:05:04	Name: bcookie Value: "v=2&d41e3d3b-b00b-4509-8a65-6a672a5f157d"
.linkedin.com/	1970-01-20 10:38:40	Name: li_gc Value: MTswOzE2NjQzNjgwMTE7MjswMjFq6YQSlY3uNn3x4/De1PjJpzzJN3kVLeP74sRPAmg+dQ==
.linkedin.com/	1970-01-20 06:20:54	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2849:u=1:x=1:i=1664368011:t=1664454411:v=2:sig=AQF9-iF8hZeqUHOmqgW-v0bLc0-vEA4Y"
.amazon-adsystem.com/	1970-01-20 15:55:28	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 10:45:52	Name: ad-id Value: AwjpHG3LKULJrXHcd_rDK-k
.w55c.net/	1970-01-20 15:48:16	Name: wfivefivec Value: EMaGeVAl1ODw9l5
.w55c.net/	1970-01-20 07:02:40	Name: matchgoogle Value: 5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aax-eu.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ads.online2pdf.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
api.btloader.com
b6a86e7642532c2a610e1977bbb95a5b.safeframe.googlesyndication.com
beacon-ams3.rubiconproject.com
bidder.criteo.com
btloader.com
c.amazon-adsystem.com
cdn.fuseplatform.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
dsum-sec.casalemedia.com
e1d1e29d7d0343a5d2667e4a6be02c28.safeframe.googlesyndication.com
eus.rubiconproject.com
fastlane.rubiconproject.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90002.redintelligence.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.connectad.io
ib.adnxs.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
online2pdf.com
pagead2.googlesyndication.com
pixel.mathtag.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg8.smartadserver.com
publift-d.openx.net
px.ads.linkedin.com
s.amazon-adsystem.com
s0.2mdn.net
s1.adform.net
s2.online2pdf.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssc.33across.com
static.criteo.net
tags.mathtag.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
um.simpli.fi
ups.analytics.yahoo.com
www.google.com
www.googletagservices.com
pagead2.googlesyndication.com
ssc.33across.com
104.18.18.126
104.18.19.126
108.138.4.10
130.211.23.194
138.201.64.38
142.250.184.226
142.250.186.130
142.250.186.70
147.75.85.234
178.250.0.165
178.250.2.146
18.156.0.31
185.29.132.242
185.64.189.112
185.86.137.114
185.89.210.153
185.89.210.90
2.18.232.7
2.18.233.201
213.155.156.185
216.52.2.48
23.205.235.133
2602:803:c003:200::31
2602:803:c003:200::57
2606:4700:10::ac43:8ae
2606:4700:20::681a:246
2606:4700:20::681a:78b
2606:4700::6811:180e
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2a00:1450:4001:809::200a
2a00:1450:4001:811::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:830::2006
2a00:1450:400d:80d::2002
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:3500:12::1730:17a6
2a04:4e42:600::485
2a05:d018:d29:3601:ebd:fba0:5325:a4e6
34.91.62.186
34.98.64.218
35.161.30.252
35.71.131.137
37.157.6.235
37.157.6.245
46.4.10.47
51.89.9.252
52.28.133.239
52.46.143.56
52.94.223.37
69.173.144.139
92.42.142.172
92.42.142.174
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06008aafe7362327db3b5836326541ca945a3c3d1cd798bbc4e8b6c88f7b4b30
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07773674da8a5d7de6575be849321af69c60333d821b2e531b8b6aad8cb8deba
08ae6dd6bedd2dc7770da26afd27546c0a9da08885545afb3c17fe799ee26891
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
121e85044f2e1b37295e187e8b25a65e99d295fd9ebd992a8a0922c50cad5a94
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
129fd31d9148b4e7cf9cdf6b99db533ca7f1a62f7ad98a764272fd943f3a0052
13cc7c79f4078269405bee0c46f7352600c43af70b0dc9f7d95bf08c2dc79d11
141d0c16f846671454c7819c37fafe483ceb63aecb14695abd4a911d67df3d49
147eafe42b127d0adfb12d5ad3c59a47b8e14ecf5dca450784de626ba5d4e345
160a20bb1f82b7851d7d063b20ecf4ce8af251867e1c112a27a8825e76097f4c
1af13cd4a704e5cad67147cc855db0fdd8177050bcdbd5daf039a054eaf34a04
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
204c3361b4063d7d3c5017455d87516838b2bf2a11f0cdeef39abcea55221e9e
21db5e6df299526cc8e5e9f32055582efbd616a9964c51dc20f574e2e313f039
2359cd310e9753bef21875b03da1ba2ef2119719e6d86a55a35496bb76609c3a
27200809b75c97e4571b315dcf68fd8d0830f16fdc79862762794831bf068683
2722c954a8ba72763a8b76c7f4ff1dea2c543c3a1ff14837dea2a9fe789a8942
2795ae4327a336062e1e3a585697e3067ce863f6b62e5bd3f290a52638bd86f1
28946bc66a553aa338fb7a08c0750aeddee9b86f01e3f8e9cdbb58b4960e097b
3134ead8cde3b183908742311737674a75dd44b201fd269ea20c7df28a38c7d7
314dcc269abda99c85ec7206d8503c53975120bd30063fc80993c27c6e669709
31f281abd65cf29a41b80902ebd3269442bbcc64a651b2cd8f187f817c694d64
3541b8f5db11161e7f1dcab52ed4d1416aafcb9537cbd07e2ef739831325ae35
35ab3aecb266f9e403b061790293e55996a1ba684db1f078c181e93f3455e119
364687382a6a909cebd2560c9707f56fac2bb86b84e366f2f3434be67f6b647f
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4053e941aa88ffa1b3934bdf273a499d492d87b90908f0bfa524d869c872d77f
4234dad73120f3a838b907b33fcfec4e8a4fcfa1ff091e89545d41d439686662
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4a68b17866cc125378f37d90b56c4ac5ecd36ea37f1be71e12681eaca4831039
4a6a9091297d86c3d40e17c33b76dcda3bc20fc059522c3eb046db923d0e681a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e32fe490999ee7ccf91ef6c4e592dca5af768a9582990b2a33bb68b2dc3bc7b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
517d69e9ba18ba94dc1d595b01a4a6253d127e07a2e5b3c8d50072c35f86be77
534f07537c6ccd03f8ac72904861056804bf61cb068cab6bc6c452f6247df687
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
584b231cd33be7d961f289d9311cc6905fab0b85357f5c7917190330f65bb4fa
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5a68ef8b63c5914e354aa61e913e48452bb44f8f06262483b27717cdbac83eb1
5eb3aa45ab179e35b6023a61798c19fd507a192fe05a7698124847bbe22a51ec
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626cf96327b5362ab06a6ec60cb1cc2519f7270ed39f0b75cd44a53c1de5180b
657a6270acd4d75e521ead362617cadcaaddea44b685e2974d2edcf632e6e1d3
66ea9c52ed69efb333f3c36548e4614e1b26905035e53244c366654ab7fffb9f
67a0cd3879eb0b17424177823ebc4d20069197e97bb483fe63f2a629b3f4e138
69e130f045116af9a6a6f1a1df90081c8a3d6615982920d7001c5f08a8a72683
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6ca3c3b408e842f1d30e443ec9d7588f371fc2c3e50c02f51d506651c439b703
6f0552daf770cff2789f4951a83a8913c2eafaa082785f1ba0a29700ce64ab87
71c77b11affd8a8f825dce30164019fcbd612b0cfabaf91f1f73cdff3562f731
730f8076b0de7120b1a302aac1256ab376b6637edb87485590dc9413daa27554
79d9d0cb995a45ed1d63a59cc6d7ee01ed1e2e01d54c1fd6da7bde3c786e69d4
7a024b3a515404415c303d7919b04405dac6994811c1e6af29b0a936cfa714ff
7bcf2bac32babb6a03adea909582627f60c69b35b617c6a2bafdc964474ba843
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
7e6b9a5c603b16cd6c01216241a2d3295fa4e281d794b556d154f0976bdbb5ed
7f2ad132f916983bac0d58e89d6c85d79db494ab392b30d56811aff567c3042a
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
81b6d1d4428514a7a5e5dc8aefac11104b3a350a3efeee2fb6deb0a5a45569c1
822ca33fd3327e591efb7df27161328ff3b035a19f03218c3c5de686fca5e2bc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83afa0a7a3ed44befb6e2c53b69be58d040463f0dafac394bfe3df0d882d03b7
85e2080a3c54a9bbf8c9072c3a795235311ed6a18d7ad8fba3c90491fa0dcf83
8643dde88644b2c1ba0205306e9fc8a6bbbf0d200d23b472077600346e521050
8774fc2d7df2f003b97bb7faf6170572f8b80c6d2e7c2d1ed883b5078f014acf
87b9fa7efc94c1145c336dfa8e5b245461d0d2c950996f9b0f0e8ccea0289b72
89b41f25cc4a5d2672857d6038ab85e975f71b54e056cc8598963b8f8cfd7c5d
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b1d9340eccc886f08b2f3b02675b424f45863321e53d7f04bf8b64ede36cc2a
8b6dc5c46fef04dbd427d4e9652ac9ea8ecb4ec45cf0187e7a7c1431eb35f9fb
8bd1a2961a1e6b3f1b16af85e1c3828d83585c5bc91cab286ef3ad57819a531d
8c3d2c1486a53889fe9f27bb942f142c9cc9ce028ccb7c5d3ffe21c74957bca0
8ca80703b128a6700e07dba69884b9c8d9a35c5d40e6609b30ff2fc51ac057cc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d90500059bf2da09057e5ec01286818fcf24f72964f045c8a40c0507639af2f
8fe958140956e46fe97220f508de9e588ea2c33bc30f92e4d6aeda2b71d99f4d
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
93d5e9d75affe26a66d55bf548438fb4af829e68f32ae33466aff30398fb0d08
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9a675ea5f409c66886094320441c46a00e85e7ba76201df0046f3712be427959
9a7e5a31143a45da34c01216f6d5620f60d58dd6694e06037d1fa1bf00988282
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a029b6ba2942a3d338c77b729d9d8325947768886f3c091566db56b880ed0148
a040eccd56269b4b1cff436d49f3328a673c968517fcf6c6da0f46d9ae5e4743
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a104beb1874198c45bcae22d88cf72ccbeff4af5ffa06c1a169a97ca0785a72d
a1ab316bf64f21d71f8d304220dc9607846b8f3d8d19c732ac37629c9122b237
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a643e3b28d0dab5d1a015ffb03b60e790bfa2d111475b9b624da23996b43cc33
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab3a2e19743ddbacd0904360a2358b0905342ca98bd5275b0d5e1b18d84bf531
ab7f82170eaa6c9db069a9104c4aa62c7b1a96732db38e02043df0add34704ff
b089909ab9eeb6d026c3bbdbcec2132003a8719e6564978b6dc7288dc6eeee5c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c
b460fb43c0d18b583b113c5fbb8eaf6f317db3df4ade6b2898f44971190cc4e6
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
b7eeadc317a496e1de4fee39506d782aa7279cb5cb0de186bcff680b2f84fee8
bbb52455daaa0cfec5dc3ca2d65d98f49a7b1b9bb34a94bd5886b4650ab9e9da
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf3f98017b277064d325789b391f88c47f5668fc852258bdd7f276db542481e7
bfb27b33e7aa731d3c7189977bfdee771b74a8977c9fd0627785270448f3d2ab
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c558d2c2f86b94d74442397a88c53c5bf27e812b165926f50b7dd07ba069e802
c596a08ddf23301fd6d0298e72d53d64eb0923df409134412d41845bec268ab7
c5d9f11f95196250f6797acef21bd147fe22a802940735d88ac2a7a9308247ac
c68060e7d5e06313031bde36d13ce808b02db86dc4184dfcf4fb3c877e21f8cf
cb3395d3c968f5eeafa662274d4baf1f764afdd67a366dddebbea5f0fe1f33a2
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43
d5ce4ea56dcebba22aa104344763baf784401ad477ec9c5a935a77eebb6b5bd1
d603c14b279c4bd3ad5b16c88d99cb5c5f1b816fcc966730cbf0fdf4453887d0
d64d69e7dcf31e33e8ff0ca402114db859a13e8514ee0777a964430e8dfc8900
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da2b63fefed1687611db88864450bdc8162f0b3a6c11d0b0cb1472821e48eeb9
dd49ec176bad424e8694e77a1c49ca3e995b745d9b3de92d7724c2a8ff1b8b06
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e30aaafd4c7dd534259b8e35db4af9af5913b5dc7734364ac0e232c677d1f2e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
eacea388d593b25ed247ec1f6c94b68e266a5f9b9ead59bf3a0b2a32b6f414d5
eb87d6943cde131a0710f9c48fa641b4f65866455668ce3439052cbd3234d109
ed8adef3a2a95e288547fe7eea06970b3bb39999fe8259ad900d7b68618a05a0
ee6d3b54a9065c8ff1c55528d83a8b11aa932915d3004f3dab2c5355027bbf3f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4e531bd658e50fcaeee96dd8ee85c19da4277fac1a29db4f0028483a329dd3
efb6f9331a30ebe5adfbccc4aacf53fdbb5c6fd74edcc0fb64bac144b5a46d2b
efd2fe255e4154630d6cfba7635156bee870a053148dfee8618fe28d31703639
f324377940583ba7a0f81123404cc032334edf5ace8e9f5d58da1cc340e41027
f7b1a8136794d4ef80777aeeda3b082ac4149bba0722e69abdf97aacf212f031
f7eb29e39ad53cd405d44aa6843c61bf6c341d70e157413cac099adb2a4b4fe5
fafc955bc45056ee5ec1ced950940159610ed7e8ce62d1364526c8cf5ec89f38
fb7c2fff4cb42aa2f4f547e435d841022952c37543989cc61a24ece01e7d2d7c
fb88fd8b1c6da5a5596e484dfc2698ede30654596bd081f9558e25d20578ca06
fc2802e972e8444657a9ed6ce56e959156a22a1fd1f599a8121ec838db83d806
fe3d62dfe219dc97ceefbefe6997e8490f02c5938e5f2d54c65d7b08fd5c72b2
fe7d221e7ccf2543f75855d55d8052df7876bcf6a8b7a372f900d5d2ab7f58ee

online2pdf.com Open in urlscan Pro 92.42.142.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

233 Requests

88 %HTTPS

39 %IPv6

39 Domains

64 Subdomains

54 IPs

10 Countries

1831 kBTransfer

5009 kBSize

38 Cookies

7 Outgoing links

Page URL History

Redirected requests

233 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

online2pdf.com Open in urlscan Pro
92.42.142.174 Public Scan

Screenshot
Live screenshot

Full Image

233
Requests

88 %
HTTPS

39 %
IPv6

39
Domains

64
Subdomains

54
IPs

10
Countries

1831 kB
Transfer

5009 kB
Size

38
Cookies

233 HTTP transactions
3 data transactions