URL: https://pdf-harmony.com/harmonyDownload.html?gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&campaign_id=2...
Submission Tags: falconsandbox
Submission: On July 03 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 15 HTTP transactions. The main IP is 172.67.180.171, located in United States and belongs to CLOUDFLARENET, US. The main domain is pdf-harmony.com.
TLS certificate: Issued by WE1 on June 12th 2024. Valid for: 3 months.
This is the only time pdf-harmony.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 172.67.180.171 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 142.250.185.98 15169 (GOOGLE)
1 142.250.185.194 15169 (GOOGLE)
1 142.250.185.228 15169 (GOOGLE)
1 18.66.102.51 16509 (AMAZON-02)
1 13.32.27.21 16509 (AMAZON-02)
15 6
Apex Domain / Subdomains / Transfer
  • 9 pdf-harmony.com (95 KB)
      pdf-harmony.com
      pixel.pdf-harmony.com
  • 2 hotjar.com (60 KB)
      static.hotjar.com — Cisco Umbrella Rank: 894
      script.hotjar.com — Cisco Umbrella Rank: 1260
  • 2 google.com (82 B)
      adservice.google.com — Cisco Umbrella Rank: 213
      www.google.com — Cisco Umbrella Rank: 5
  • 2 googletagmanager.com (139 KB)
      www.googletagmanager.com — Cisco Umbrella Rank: 81
  • 1 googleadservices.com
      www.googleadservices.com — Cisco Umbrella Rank: 133
15 5
Domain Requested by
8 pdf-harmony.com pdf-harmony.com
2 www.googletagmanager.com pdf-harmony.com
www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.googletagmanager.com
1 www.google.com www.googletagmanager.com
1 www.googleadservices.com pdf-harmony.com
1 adservice.google.com 1 redirects
1 pixel.pdf-harmony.com pdf-harmony.com
15 8

This site contains no links.

Subject / Issuer / Validity / Valid
  • pdf-harmony.com / WE1 / 2024-06-12 - 2024-09-10 / 3 months
  • *.google-analytics.com / WR2 / 2024-06-13 - 2024-09-05 / 3 months
  • *.google.com / WR2 / 2024-06-13 - 2024-09-05 / 3 months
  • *.hotjar.com / Amazon RSA 2048 M03 / 2024-05-22 - 2025-06-20 / a year

This page contains 1 frame:

Primary Page: https://pdf-harmony.com/harmonyDownload.html?gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&campaign_id=21368441510&creative_id=703363234456&adgroup_id=163841249496&placement_id=www.myfederalretirement.com
Frame ID: 0F8EF7660F2A8FC6F65F76A0D087AD89
Requests: 15 HTTP requests in this frame

Page Title

PDF Harmony Download

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

  • Requests: 15
  • HTTPS: 93 %
  • IPv6: 14 %
  • Domains: 5
  • Subdomains: 8
  • IPs: 6
  • Countries: 2
  • Transfer: 294 kB
  • Size: 730 kB
  • Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://adservice.google.com/pagead/regclk?auid=751084065.1720025928&url=https%3A%2F%2Fpdf-harmony.com%2FharmonyDownload.html&tft=1720025927689&tfd=641&frm=0&gtm=45He4710v9186089309za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&tag_exp=0&gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&gclsrc=aw HTTP 302
  • https://www.googleadservices.com/pagead/set_partitioned_cookie/?auid=751084065.1720025928&url=https%3A%2F%2Fpdf-harmony.com%2FharmonyDownload.html&tft=1720025927689&tfd=641&frm=0&gtm=45He4710v9186089309za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&tag_exp=0&gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&gclsrc=aw

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request harmonyDownload.html
pdf-harmony.com/
35 KB
9 KB
Document
General
Full URL
https://pdf-harmony.com/harmonyDownload.html?gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&campaign_id=21368441510&creative_id=703363234456&adgroup_id=163841249496&placement_id=www.myfederalretirement.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e87a64a4c0c588ae5c4431101f6618cbdd18864f7ceb228ca00ba3e2cbeae2

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89d86c1c8962973c-FRA
content-encoding
br
content-type
text/html
date
Wed, 03 Jul 2024 16:58:47 GMT
last-modified
Thu, 27 Jun 2024 11:42:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2FYmLR70VwBeHhnXVQ4Jw8XRYXR5IqiY%2FweBHjL3NeXIcJfNGtOtgu1bDAigq4UuiNLeDpia9AYbFVZgaVHnwBXxEgrWG1YyxFRPB%2BRgSR9VXD4u9ZltU2E7PP6Fe3gB%2BMY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-amz-id-2
vbciCwBL/EKcDoJV0CYxUWxGaf4ce2IA/pFIOTHJG3L1PWXF67+crT161BErFPLSrXUFRtKSyNo=
x-amz-request-id
R81J0NGZGTBYJ42B
gtm.js
www.googletagmanager.com/
253 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KZGWNNGZ
Requested by
Host: pdf-harmony.com
URL: https://pdf-harmony.com/harmonyDownload.html?gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&campaign_id=21368441510&creative_id=703363234456&adgroup_id=163841249496&placement_id=www.myfederalretirement.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a3bb056a8c9aa13b9d7359e1834c536b8f9b2fcfa570fd0b907cb49d726f174
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pdf-harmony.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:58:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92432
x-xss-protection
0
last-modified
Wed, 03 Jul 2024 16:07:56 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Jul 2024 16:58:47 GMT
pdf.png
pdf-harmony.com/
303 B
303 B
Image
General
Full URL
https://pdf-harmony.com/pdf.png
Requested by
Host: pdf-harmony.com
URL: https://pdf-harmony.com/harmonyDownload.html?gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&campaign_id=21368441510&creative_id=703363234456&adgroup_id=163841249496&placement_id=www.myfederalretirement.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
402fe009427552937cd8bee5d0b79712100bdf7570b486ddd8180a9300c85f3e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pdf-harmony.com/harmonyDownload.html?gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&campaign_id=21368441510&creative_id=703363234456&adgroup_id=163841249496&placement_id=www.myfederalretirement.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:58:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
R81HD842Q746EZ8F
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xtUMIv4stezEu6fT%2Bln3%2Btcp3eeFIcyDurinCf5Mu5veIkG0Tehr05e68F%2FBqAVv2c1UlD6HvcONk6y1Ij9cVwHY4hNk1sqjJT1WArDA91o%2B0u1XfIvUOaljYNQSJIICPWM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-ray
89d86c1e5c4e973c-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
oKpB2XTJrXH7uznRyk4tyqKKruixzFyoXXRWfCAACH9G9QDOcd3nsEGE+htNlN/M1D8ax5fhpCk=
step1.png
pdf-harmony.com/
10 KB
11 KB
Image
General
Full URL
https://pdf-harmony.com/step1.png
Requested by
Host: pdf-harmony.com
URL: https://pdf-harmony.com/harmonyDownload.html?gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&campaign_id=21368441510&creative_id=703363234456&adgroup_id=163841249496&placement_id=www.myfederalretirement.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6a95934bce408305f7efe2260cf996b0fc23939ba3393f1c04b32ad6333b72c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pdf-harmony.com/harmonyDownload.html?gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&campaign_id=21368441510&creative_id=703363234456&adgroup_id=163841249496&placement_id=www.myfederalretirement.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:58:47 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 02 Jun 2024 10:59:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
R81TENAVYD73PHAH
etag
"9c23bc03181386f4cff9f34a94545c66"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SenlH2y%2BZZazOrxhmZfXaEq5uKeQF9Bk8zTrp%2BxgJKS5mhtJp5BWLD37gNCtd1OMERDYmeaYOqP9segjufntvJjP8RZAAKNB4oKlNa8YHktX2j28Wq4gFKWfoRtg8qem%2FD4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cf-ray
89d86c1e5c53973c-FRA
alt-svc
h3=":443"; ma=86400
content-length
10493
x-amz-id-2
723ltSQFJugX2PQVJ9EaJwl1YKNael0COCXwg3VMte+68qK2vc6woA20ObefuE9NCzbGj8J7QBc=
step11.png
pdf-harmony.com/
13 KB
14 KB
Image
General
Full URL
https://pdf-harmony.com/step11.png
Requested by
Host: pdf-harmony.com
URL: https://pdf-harmony.com/harmonyDownload.html?gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&campaign_id=21368441510&creative_id=703363234456&adgroup_id=163841249496&placement_id=www.myfederalretirement.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea0a4e570f71bba1a05b7f65f9eae084f0410dea93fd1a14e2abe46fc322e3e2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pdf-harmony.com/harmonyDownload.html?gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&campaign_id=21368441510&creative_id=703363234456&adgroup_id=163841249496&placement_id=www.myfederalretirement.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:58:47 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 02 Jun 2024 10:59:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
R81WV3TVYCF16KZT
etag
"a62a43248c90035405ae6708f369793b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XR77Kbg5A%2BEMwaMIgN0fFvyy8IBzja2DbgS49c4Dv8ajdJcT%2FsC8BwEaTgKVY3sUf3Z0277z%2FEzTS8JTSAZc%2BU7uWIjKZHLaYeLvecQ9SlKSNhL8EyUTdLg3H0KAnHFnYHY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cf-ray
89d86c1e5c56973c-FRA
alt-svc
h3=":443"; ma=86400
content-length
13358
x-amz-id-2
n6DI8eHdHxlotpID+XQU+lseY5fhTHeJpv3L05Puw/9O37Tj2XVnZYNw0SY1d3u2taAtdS4bPus=
step3.jpg
pdf-harmony.com/
32 KB
33 KB
Image
General
Full URL
https://pdf-harmony.com/step3.jpg
Requested by
Host: pdf-harmony.com
URL: https://pdf-harmony.com/harmonyDownload.html?gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&campaign_id=21368441510&creative_id=703363234456&adgroup_id=163841249496&placement_id=www.myfederalretirement.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
366cc77f441f40f85615a7ad3448dae5f72b1af8de7ea25c3c73acd6fe5a4db4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pdf-harmony.com/harmonyDownload.html?gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&campaign_id=21368441510&creative_id=703363234456&adgroup_id=163841249496&placement_id=www.myfederalretirement.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:58:47 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 02 Jun 2024 10:59:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
R81TC4M9K91JWY74
etag
"0c9541db0e4c34cda7bef94f8cd63004"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZjdoUlG5nctRuEWskxNMbARwBJfSvr%2BcGjf0098yXy1lol8M3TZ4jXRJ18zeQ97GhnJzOrJ%2FOKyzCnW72EYRZYq4iOtexSgKskJ81lzZQ7qvHOKMzzke4SwFswXRNsPlnfU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-ray
89d86c1e5c57973c-FRA
alt-svc
h3=":443"; ma=86400
content-length
32868
x-amz-id-2
f2Rdg3BQOuEsFeIn0SCoxbSEFezGyURN+LcpTHLFO0jmEpOcUKYXwPSQi3cg4pFUU0B6Xv8lFR4=
arrowtop.png
pdf-harmony.com/
26 KB
27 KB
Image
General
Full URL
https://pdf-harmony.com/arrowtop.png
Requested by
Host: pdf-harmony.com
URL: https://pdf-harmony.com/harmonyDownload.html?gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&campaign_id=21368441510&creative_id=703363234456&adgroup_id=163841249496&placement_id=www.myfederalretirement.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
961cd9c279f8c116587c26145f3a4ca4d7d8d1ab26589f325b945b423de2545c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pdf-harmony.com/harmonyDownload.html?gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&campaign_id=21368441510&creative_id=703363234456&adgroup_id=163841249496&placement_id=www.myfederalretirement.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:58:47 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 15 Apr 2024 11:39:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
R81JPZDJGPQ1KC20
etag
"e6ea9286d2ff5ae080b8860c864a5872"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Os0VclJf5EXmRQ6YFBd9FLz8aSPmABMcZh4pmBpUl2wQ9lB7e3%2BuxujwVHzty4MJpIYYDe8YSQ7hXrXjbEQU8o1QrUVU1LTGGtRdDh7Qxjo5OAmsc%2FO%2FUWOKh11HRlI1zSs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cf-ray
89d86c1edcfb973c-FRA
alt-svc
h3=":443"; ma=86400
content-length
26769
x-amz-id-2
m5ZB6BY734Vg+uK7ns3KmYqIhYIAUcx8+jrTPNxpgFdU80VbwX37nXM1H1X/oMFeflNCJlsF5ow=
rp
pixel.pdf-harmony.com/
0
756 B
Ping
General
Full URL
https://pixel.pdf-harmony.com/rp
Requested by
Host: pdf-harmony.com
URL: https://pdf-harmony.com/harmonyDownload.html?gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&campaign_id=21368441510&creative_id=703363234456&adgroup_id=163841249496&placement_id=www.myfederalretirement.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://pdf-harmony.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 03 Jul 2024 16:58:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
https://pdf-harmony.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v0PPzZ%2Bc%2F38f8Uo4mzZQyR67LqSzphhJ%2FipAUxGxDtJpjmy3IGE9CtQtLjBqodHcWFjtMTmRtBsiHF1iK%2BXaIJ6QCBD8Y3Fr649S5Kjp8%2Fr0Et5IxjW1WR8j4W5ehWeTIvqKaco9FVA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
89d86c1efd3f973c-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
/
www.googleadservices.com/pagead/set_partitioned_cookie/
Redirect Chain
  • https://adservice.google.com/pagead/regclk?auid=751084065.1720025928&url=https%3A%2F%2Fpdf-harmony.com%2FharmonyDownload.html&tft=1720025927689&tfd=641&frm=0&gtm=45He4710v9186089309za200&gcd=13l3l3...
  • https://www.googleadservices.com/pagead/set_partitioned_cookie/?auid=751084065.1720025928&url=https%3A%2F%2Fpdf-harmony.com%2FharmonyDownload.html&tft=1720025927689&tfd=641&frm=0&gtm=45He4710v91860...
0
0
Ping
General
Full URL
https://www.googleadservices.com/pagead/set_partitioned_cookie/?auid=751084065.1720025928&url=https%3A%2F%2Fpdf-harmony.com%2FharmonyDownload.html&tft=1720025927689&tfd=641&frm=0&gtm=45He4710v9186089309za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&tag_exp=0&gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&gclsrc=aw
Requested by
Host: pdf-harmony.com
URL: https://pdf-harmony.com/harmonyDownload.html?gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&campaign_id=21368441510&creative_id=703363234456&adgroup_id=163841249496&placement_id=www.myfederalretirement.com
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://pdf-harmony.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Redirect headers

date
Wed, 03 Jul 2024 16:58:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/set_partitioned_cookie/?auid=751084065.1720025928&url=https%3A%2F%2Fpdf-harmony.com%2FharmonyDownload.html&tft=1720025927689&tfd=641&frm=0&gtm=45He4710v9186089309za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&tag_exp=0&gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&gclsrc=aw
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
landing
www.google.com/pagead/
42 B
64 B
Ping
General
Full URL
https://www.google.com/pagead/landing?gcd=13l3l3l2l1&tag_exp=0&dma_cps=sypham&dma=1&npa=1&gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&gtm=45He4710n91KZGWNNGZv9186089309za200&auid=751084065.1720025928
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZGWNNGZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pdf-harmony.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Jul 2024 16:58:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
127 KB
49 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=Analytics-%20Page%20View&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZGWNNGZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8216248a3dbdd82413d781ec36ff4e7d6ee5fc7fb46f012ea8065e7b679628c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pdf-harmony.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:58:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49612
x-xss-protection
0
last-modified
Wed, 03 Jul 2024 16:07:56 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Jul 2024 16:58:47 GMT
hotjar-5001664.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-5001664.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZGWNNGZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-51.fra56.r.cloudfront.net
Software
/
Resource Hash
50b6d94cb6d557e4c1211b7e9f6c424165ee38b986f8839389390d440aaa410c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pdf-harmony.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Wed, 03 Jul 2024 16:58:47 GMT
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/421ed1520651414f3bf122a8d1b028e7
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
0VECzDwemltiQ5-Qp2c7llQB6I9VQNbLJUmwDSbOb_GscVFmQs-X7w==
modules.e4b2dc39f985f11fb1e4.js
script.hotjar.com/
223 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-5001664.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pdf-harmony.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
204460
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56291
last-modified
Mon, 01 Jul 2024 08:10:34 GMT
etag
"ca025d2d8ae4b3dc51e058b782590501"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
DI1JWhNtF4LXJ9o0qaffMvVGdIaOsH1RtFDiTXHFOxcymjSHsuVMoQ==
pdf.png
pdf-harmony.com/
303 B
705 B
Other
General
Full URL
https://pdf-harmony.com/pdf.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6ec3fd57323428ab88a523cc127282c95b7993448037c8b71793447b58790b0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pdf-harmony.com/harmonyDownload.html?gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&campaign_id=21368441510&creative_id=703363234456&adgroup_id=163841249496&placement_id=www.myfederalretirement.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:58:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
GH5APJ70451EBHWN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ihW12%2F%2F6P7huNrS4VPLsuGIhEx4KTg8Ps%2Fyr1XltfcqB7NUKSQ%2BtLSF2U9NJCR1scU3xXHeIgtVbph9KjatD8mm0OkhJ%2FYkF33RnwVavyAfvaOdA8W1IHAf887xUi14KuBY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-ray
89d86c22cafa973c-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
w6ckdKE90ucKZPLfVNYga2KkP5h3P8w5zosoRiQtu+h/LRpXcxDEyOnePaC4HMtnt4aEVuvNDjI=
pdf.png
pdf-harmony.com/
303 B
704 B
Other
General
Full URL
https://pdf-harmony.com/pdf.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cf96c24444beeacba5e939ac8e86e2034d2e210d8716a12197b8be737c1acc1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pdf-harmony.com/harmonyDownload.html?gclid=EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE&campaign_id=21368441510&creative_id=703363234456&adgroup_id=163841249496&placement_id=www.myfederalretirement.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 16:58:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
GH5E3A33FG4090DH
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=COI3lh7rNR7BqlBs7lT1%2BeKL7Xeuia2WcaI7Ms9SIgh7uQVAhZTeqizN%2BeeuT4iZgnvDT0f9DBIN9lsEi42n7efbhjUhD%2B1%2Bfv23wwOthRTRVonDcpRYeilzR8VQ85UfgPw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-ray
89d86c23bc83973c-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
g8+ojC8LumSGpl0Q7Vu0ImgiUpojUfJFKPEJ4ccppF7Em23WJk0zbLHSgzdH9g7D8+uW8gs2BiU=

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • undefined| event
  • object| fence
  • object| sharedStorage
  • object| dataLayer
  • object| google_tag_manager
  • object| google_tag_data
  • function| hj
  • object| _hjSettings
  • object| hjSiteSettings
  • function| hjBootstrap
  • object| hjLazyModules
  • object| hjBootstrapCalled

6 Cookies

Domain/Path Name / Value
.pdf-harmony.com/ Name: _gcl_aw
Value: GCL.1720025928.EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE
.pdf-harmony.com/ Name: _gcl_au
Value: 1.1.751084065.1720025928
pixel.pdf-harmony.com/ Name: AWSALB
Value: iNLPL3vGEG4qyBqzCTADaBkP3628rGpsUeFJze17YisLclsKdJJTm+fnaXG76KLj/iBALbrFgeeZEavvseBjKxZCjRLxolvsnarl+9E8IuBtCA138uJu6msG7RQm
.pdf-harmony.com/ Name: _hjSessionUser_5001664
Value: eyJpZCI6IjQwMmM0ODc1LTEzNjAtNWRkMi04MDcxLTZhMmJiZTVkZDEyZCIsImNyZWF0ZWQiOjE3MjAwMjU5MjgwOTMsImV4aXN0aW5nIjpmYWxzZX0=
.pdf-harmony.com/ Name: _hjSession_5001664
Value: eyJpZCI6Ijk4ZTJjZTdiLWRjOTYtNDVjZC04NjFlLTU4ZjkzNDM3MmMwNSIsImMiOjE3MjAwMjU5MjgwOTQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.googleadservices.com/ Name: GCL_AW_P
Value: GCL.1720025928.EAIaIQobChMIw7WsyJOLhwMV5zRECB2x-AOfEAEYASAAEgK_6_D_BwE

3 Console Messages

Source Level URL Text
  • network error URL: https://pdf-harmony.com/pdf.png Message: Failed to load resource: the server responded with a status of 403 ()
  • network error URL: https://pdf-harmony.com/pdf.png Message: Failed to load resource: the server responded with a status of 403 ()
  • network error URL: https://pdf-harmony.com/pdf.png Message: Failed to load resource: the server responded with a status of 403 ()