r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f416977a8d6dfaafb2dbfd0e68b871f8
dfa97bd829b03162de91c80133f2fde69b58a8d2
2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16463
Expires: Mon, 23 Jan 2023 01:27:08 GMT
Date: Sun, 22 Jan 2023 20:52:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0be6cec5607bb65c06dbadd33456aec1
9d13129e936eb5fc82e403931884cdc8c6e6ab92
cb028034340b709ece65e45e8fc1a26a64dd85926beaa542f308d3f1d5ee2c84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB028034340B709ECE65E45E8FC1A26A64DD85926BEAA542F308D3F1D5EE2C84"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19331
Expires: Mon, 23 Jan 2023 02:14:56 GMT
Date: Sun, 22 Jan 2023 20:52:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5763
Expires: Sun, 22 Jan 2023 22:28:48 GMT
Date: Sun, 22 Jan 2023 20:52:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 22 Jan 2023 20:34:52 GMT
content-type: application/json
age: 1073
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tWme/L9B61CkueERoTBj5m5JcoqNTh/QXi+to5IudGhRU5gStwRn4lEQD0/oq+yY1ttRkQrBGIw=
x-amz-request-id: WZTQCF1W1TR7JYT1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 22 Jan 2023 20:47:26 GMT
age: 319
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.pdfdrive.com/search?q=J.+B.+Eisenkraft
104.26.7.150301 Moved Permanently 0 B URL HTTP/1.1 www.pdfdrive.com/search?q=J.+B.+Eisenkraft
IP 104.26.7.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search?q=J.+B.+Eisenkraft HTTP/1.1
Host: www.pdfdrive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 22 Jan 2023 20:52:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, s-maxage=10
Pragma: no-cache
Set-Cookie: pd_session=q7kfes7ij3t95abhsh68cigisoiieu5c; path=/
Location: https://www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true
X-Frame-Options: sameorigin
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApfPoR4xU6bV%2BdNrI57I40vIsGeGpPLlXCaUEdtHx8ZBhwsqXTPgi41qjL6B1Hq4evbn2K8ieyUoneL0m2J6u1XjN4pC7fJOCVAdowcuE26TXbyiNLhWH%2B04FxVSV4rn6GM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78db2cd55e7eb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 20:52:45 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 22 Jan 2023 20:48:58 GMT
age: 227
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5276
Cache-Control: max-age=135718
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:45 GMT
Etag: "63ccfca7-1d7"
Expires: Tue, 24 Jan 2023 10:34:43 GMT
Last-Modified: Sun, 22 Jan 2023 09:06:47 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a25567cb3f63e13ec07e671356f7ad5b
f7bc53deb15fdeca18806318bf7d3267b1766c7f
09cbab3f29c812e2bc1c54b9a6600899fdc64ce0479bcb314a92553069a95f9d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3032
Cache-Control: max-age=110811
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:45 GMT
Etag: "63cca420-118"
Expires: Tue, 24 Jan 2023 03:39:36 GMT
Last-Modified: Sun, 22 Jan 2023 02:49:04 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
104.17.25.14200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (59158)
Hash 77c1af627ac0cf4a26f1f230c3328544
f99817795a5ae027a7212b040438e49248a483b6
0496a11101ffd6d8230b041623cc1bf58971b25acd684a23fe91d702c486d2c8
GET /ajax/libs/font-awesome/5.15.3/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pdfdrive.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:45 GMT
content-type: text/css; charset=utf-8
content-length: 10480
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60510736-e7d0"
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 261941
expires: Fri, 12 Jan 2024 20:52:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8hEPa%2FoaVqlsn8hpdnxi7wWn%2FNG%2B%2FX2Sga%2BSbMF5JGnzdF%2BLlZSR4rYAyf8HOxStOgv%2BFBiGGpHW3slTDf0SZg%2BCY0cSC0C9u3xUAyplHL93pHtZu0ImNSu5TufwwYzdOA0YPeL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78db2cdb5ccab505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a25567cb3f63e13ec07e671356f7ad5b
f7bc53deb15fdeca18806318bf7d3267b1766c7f
09cbab3f29c812e2bc1c54b9a6600899fdc64ce0479bcb314a92553069a95f9d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3032
Cache-Control: max-age=110811
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:45 GMT
Etag: "63cca420-118"
Expires: Tue, 24 Jan 2023 03:39:36 GMT
Last-Modified: Sun, 22 Jan 2023 02:49:04 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 41d9a97f3e66fa295337149c04ad0bae
5d0ffce8986ba0d9e47cd508b79c1feab18076cf
fa5f51ac868aed9106d71f0d5ae7d2fba4afed36bc9fdb94a5a66cea3ac15550
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 41d9a97f3e66fa295337149c04ad0bae
5d0ffce8986ba0d9e47cd508b79c1feab18076cf
fa5f51ac868aed9106d71f0d5ae7d2fba4afed36bc9fdb94a5a66cea3ac15550
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a25567cb3f63e13ec07e671356f7ad5b
f7bc53deb15fdeca18806318bf7d3267b1766c7f
09cbab3f29c812e2bc1c54b9a6600899fdc64ce0479bcb314a92553069a95f9d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3033
Cache-Control: max-age=110811
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Etag: "63cca420-118"
Expires: Tue, 24 Jan 2023 03:39:37 GMT
Last-Modified: Sun, 22 Jan 2023 02:49:04 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
216.58.207.234200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (32030)
Hash 04ba0252a9f264db106d4eaab8df4ccb
cf52d9b3df7839c5c64fbf33aafeced74b3db750
397852429e768ffbd12a78ce4b94f14e3ab4afabf84acb07c0bb5b7798e6e0b2
GET /ajax/libs/jquery/3.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 06:39:53 GMT
expires: Sat, 20 Jan 2024 06:39:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 223973
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 41d9a97f3e66fa295337149c04ad0bae
5d0ffce8986ba0d9e47cd508b79c1feab18076cf
fa5f51ac868aed9106d71f0d5ae7d2fba4afed36bc9fdb94a5a66cea3ac15550
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 41d9a97f3e66fa295337149c04ad0bae
5d0ffce8986ba0d9e47cd508b79c1feab18076cf
fa5f51ac868aed9106d71f0d5ae7d2fba4afed36bc9fdb94a5a66cea3ac15550
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.69.176.248101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.69.176.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LQtWWeQl5nLXMoRMVxOGuA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: X4+bOTmuS+pqktZsBN5vSWBmkBU=
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-regular-400.woff2
104.17.25.14200 OK 32 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-regular-400.woff2
IP 104.17.25.14:0
Hash a7e7a5842db21b5b33f28bd12c7f034a
fc12e587b4983b73d9973ad53dd0f6fe635686f8
bbed2c02c916754cba9279dc3db97b86a7ae68b63d13bbbb1c4067f19fb04d5e
GET /ajax/libs/font-awesome/5.15.3/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pdfdrive.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:46 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 13276
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "60510736-33dc"
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 319330
expires: Fri, 12 Jan 2024 20:52:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KC9yTeE3D8F2Oe0%2BbJBpmV8dAALsKkws1PzXt9RarLtVRZKTIFu87e7voOVicIi3Gi6NvQ7GaPvAzmLiFCUvJw1etgi9i4lv5F%2BeAwWg8OA8oQfdVpLJ2G8hvVcslQ8Y7qHmziDv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78db2cdd98d5b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pdfdrive.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 19:33:54 GMT
expires: Thu, 18 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 350332
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:400,500,700
142.250.74.106200 OK 16 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,500,700
IP 142.250.74.106:0
Hash f48608a54f009534883694ff7316ea90
a69cb42526e88fbb9bff39eb09c37ee1777ae9db
e4e6cc2322edfdbc86e071efc053da6b07a35cd9a519e8f1ea4c15f236e3a7f8
GET /css?family=Roboto:400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 22 Jan 2023 20:52:46 GMT
date: Sun, 22 Jan 2023 20:52:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pdfdrive.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 07:51:59 GMT
expires: Thu, 18 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 392447
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7945a46ae34a1c31921c0679941222e
3d6a979e0d208362b2a00abab498cb6d1d629bc0
0a9e413dbd2e00dd5c6999121ef02cb3bd16c34127b0f1621580ee5340612904
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A9E413DBD2E00DD5C6999121EF02CB3BD16C34127B0F1621580EE5340612904"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2529
Expires: Sun, 22 Jan 2023 21:34:55 GMT
Date: Sun, 22 Jan 2023 20:52:46 GMT
Connection: keep-alive
stackpath.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.bundle.min.js
104.18.11.207200 OK 21 kB URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.bundle.min.js
IP 104.18.11.207:0
File type ASCII text, with very long lines (65298)
Hash 7152e3165333877992a2cc61dceac3d0
d84f2391f4cb06f67fe5f2e08f9afc71736721c9
408c071ce153eb782ff321b3613e89c69ac0dcfb3013e8ef65348c6109bb0313
GET /bootstrap/4.0.0/js/bootstrap.bundle.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pdfdrive.com
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:46 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 601, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 2021-08-02 21:17:38
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 396986276134bbfbb35a9dfcdfa6e51f
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 19869671
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78db2cdbbe9f1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash da33f90fb2880d573a74e0f60ea1f314
23cca48e548048a546175921d10bc7fbdba363ac
5847b0aed31e76c4c5ebaf2277499106752964dac669272b6418fa188f78e545
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5847B0AED31E76C4C5EBAF2277499106752964DAC669272B6418FA188F78E545"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11579
Expires: Mon, 23 Jan 2023 00:05:45 GMT
Date: Sun, 22 Jan 2023 20:52:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash da33f90fb2880d573a74e0f60ea1f314
23cca48e548048a546175921d10bc7fbdba363ac
5847b0aed31e76c4c5ebaf2277499106752964dac669272b6418fa188f78e545
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5847B0AED31E76C4C5EBAF2277499106752964DAC669272B6418FA188F78E545"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11579
Expires: Mon, 23 Jan 2023 00:05:45 GMT
Date: Sun, 22 Jan 2023 20:52:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash da33f90fb2880d573a74e0f60ea1f314
23cca48e548048a546175921d10bc7fbdba363ac
5847b0aed31e76c4c5ebaf2277499106752964dac669272b6418fa188f78e545
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5847B0AED31E76C4C5EBAF2277499106752964DAC669272B6418FA188F78E545"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11579
Expires: Mon, 23 Jan 2023 00:05:45 GMT
Date: Sun, 22 Jan 2023 20:52:46 GMT
Connection: keep-alive
cdn.asaha.com/assets/thumbs/c32/c32342ecd2b8d2f19686267bb0ba7a9c-s.jpg
188.40.148.218200 OK 9.0 kB URL HTTP/1.1 cdn.asaha.com/assets/thumbs/c32/c32342ecd2b8d2f19686267bb0ba7a9c-s.jpg
IP 188.40.148.218:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Hash 8300f2229e4ff109f3f6e3f3f3bc1f11
1c716050b19eb90e19b9f30c9e7fcdf2599f81dc
b5414689f2b1d8a1e87c1826926bacfc779d8f6b390ed9921240e0fa6af44e0d
GET /assets/thumbs/c32/c32342ecd2b8d2f19686267bb0ba7a9c-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 19 Apr 2019 07:27:56 GMT
ETag: "2357-586dd0ebca29c"
Accept-Ranges: bytes
Content-Length: 9047
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
cdn.asaha.com/assets/thumbs/bc4/bc4853f80dc107e8ff8396f6e121ef6b-s.jpg
188.40.148.218200 OK 6.1 kB URL HTTP/1.1 cdn.asaha.com/assets/thumbs/bc4/bc4853f80dc107e8ff8396f6e121ef6b-s.jpg
IP 188.40.148.218:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Hash 55005de915eb35a4760924201a5039ed
214dd8d54b60bfc7588a0c50d63a175a02358b0d
7cad4527ca913ea9d607da926efc47d51a352e97c9fee8cc884c461f46423c90
GET /assets/thumbs/bc4/bc4853f80dc107e8ff8396f6e121ef6b-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Thu, 04 Apr 2019 13:12:44 GMT
ETag: "1800-585b42036fc79"
Accept-Ranges: bytes
Content-Length: 6144
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
cdn.asaha.com/assets/thumbs/b31/b311b61ea4b6ffd2115012574b25c88f-s.jpg
188.40.148.218200 OK 6.9 kB URL HTTP/1.1 cdn.asaha.com/assets/thumbs/b31/b311b61ea4b6ffd2115012574b25c88f-s.jpg
IP 188.40.148.218:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Hash 40feeec4ceb62030a0566524aa359f0a
b52afa22602b06c56175ca09a5cdb10c5f56d060
cbf6dc4701123b0a5fc01b0139e092a958ac48d6bbd5bbca88b128a25aeabeb6
GET /assets/thumbs/b31/b311b61ea4b6ffd2115012574b25c88f-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Thu, 11 Apr 2019 23:32:51 GMT
ETag: "1ac2-586499ad3751d"
Accept-Ranges: bytes
Content-Length: 6850
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
cdn.asaha.com/assets/thumbs/e26/e2686f6b35e8048f15a70a9a35dd2904-s.jpg
188.40.148.218200 OK 5.4 kB URL HTTP/1.1 cdn.asaha.com/assets/thumbs/e26/e2686f6b35e8048f15a70a9a35dd2904-s.jpg
IP 188.40.148.218:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 3\012- data
Hash dfb16e94c136617c4fb6cd5cfc9765b1
ac4ba0ac9891cabd55c404e3a1571543f06bd19e
492083fce9e0d266e6bacbc4a15a49bc75c9a3a9fb383a7a7f5492181e32dff2
GET /assets/thumbs/e26/e2686f6b35e8048f15a70a9a35dd2904-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 12 Mar 2019 01:20:37 GMT
ETag: "150a-583db7f1d43d3"
Accept-Ranges: bytes
Content-Length: 5386
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
cdn.asaha.com/assets/thumbs/2e2/2e244f899b7d13f88b0040561a432ea7-s.jpg
188.40.148.218200 OK 11 kB URL HTTP/1.1 cdn.asaha.com/assets/thumbs/2e2/2e244f899b7d13f88b0040561a432ea7-s.jpg
IP 188.40.148.218:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Hash ce6d423ef5060e62ea3f5a809946a694
6952d423fa2f6b8b7c5f29716f936b34cc1f5e3f
474f6ccfc834ad3189e22982bec6a82edc5d1db2c1c23937b33a7c9717bf2b9e
GET /assets/thumbs/2e2/2e244f899b7d13f88b0040561a432ea7-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 12 Apr 2019 14:45:29 GMT
ETag: "2a34-586565a9f96fa"
Accept-Ranges: bytes
Content-Length: 10804
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
cdn.asaha.com/assets/thumbs/f19/f190edf9e32c21ca88dd9ffc6292ac77-s.jpg
188.40.148.218200 OK 3.6 kB URL HTTP/1.1 cdn.asaha.com/assets/thumbs/f19/f190edf9e32c21ca88dd9ffc6292ac77-s.jpg
IP 188.40.148.218:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Hash 944e8f80408e00e9eb0baee7124a4d9e
5441a08a204eb07ca6ab672bfc32dcf769388a46
1c628163b2df8b39dba382df3c2e5f78305d891d534d6255d057af8746b94dfc
GET /assets/thumbs/f19/f190edf9e32c21ca88dd9ffc6292ac77-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 26 May 2019 14:04:17 GMT
ETag: "e2a-589cae84a6a91"
Accept-Ranges: bytes
Content-Length: 3626
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
cdn.asaha.com/assets/thumbs/61c/61c7a605bd2b422fabf59f546e6b268c-s.jpg
188.40.148.218200 OK 7.9 kB URL HTTP/1.1 cdn.asaha.com/assets/thumbs/61c/61c7a605bd2b422fabf59f546e6b268c-s.jpg
IP 188.40.148.218:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Hash 8026973be6b4c37890211f211fe8f8f0
2c184fd539cf0c6098090dd5a6de50a6b92d6612
0865cb55561d0d57943137b3775822082bb69dc09b37212fcad35c779a67ece7
GET /assets/thumbs/61c/61c7a605bd2b422fabf59f546e6b268c-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Thu, 28 Feb 2019 17:11:14 GMT
ETag: "1ed2-582f760b8fa78"
Accept-Ranges: bytes
Content-Length: 7890
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
cdn.asaha.com/assets/thumbs/b06/b06bb7f8ea0a928daf5ac1e1b72fddbd-s.jpg
188.40.148.218200 OK 10 kB URL HTTP/1.1 cdn.asaha.com/assets/thumbs/b06/b06bb7f8ea0a928daf5ac1e1b72fddbd-s.jpg
IP 188.40.148.218:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Hash b2b29e46380c2dfef1813e8d2d9f8c8d
384d9daffc4a375a7c00d3f593d8182cb0b6131e
b2fd3d9d76db4d7d62e3bba9df02ea11e7340ca6598c866a4f6ba062fb1425c8
GET /assets/thumbs/b06/b06bb7f8ea0a928daf5ac1e1b72fddbd-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Jun 2019 01:49:17 GMT
ETag: "2851-58a61927dca64"
Accept-Ranges: bytes
Content-Length: 10321
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
cdn.asaha.com/assets/thumbs/52d/52df9a248db1612471038b7a5f696d60-s.jpg
188.40.148.218200 OK 7.6 kB URL HTTP/1.1 cdn.asaha.com/assets/thumbs/52d/52df9a248db1612471038b7a5f696d60-s.jpg
IP 188.40.148.218:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Hash c7e78650e290fc3cfdd83e2bac941ef4
3079f453e0b9da28dcb6eb7bb3d2950ffcaa4030
1222b0dac197473183f6c954c99c04dd3a24917365c8d7c54d497be99548721d
GET /assets/thumbs/52d/52df9a248db1612471038b7a5f696d60-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 22 Feb 2019 19:56:35 GMT
ETag: "1db1-58280fcfa8fb8"
Accept-Ranges: bytes
Content-Length: 7601
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
cdn.asaha.com/assets/thumbs/a24/a2402aa47300f082a88e91f64aae60a9-s.jpg
188.40.148.218200 OK 7.8 kB URL HTTP/1.1 cdn.asaha.com/assets/thumbs/a24/a2402aa47300f082a88e91f64aae60a9-s.jpg
IP 188.40.148.218:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Hash 7ee95dc62645445707575556c6ed2057
b1f3adee545f3de8835dd71875b6aa461a8bbaa3
50a50730bd0c104f1aeaa5682ff509fb94abd91fd216f262f57bc5958ef6a1db
GET /assets/thumbs/a24/a2402aa47300f082a88e91f64aae60a9-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 14 Apr 2019 20:16:48 GMT
ETag: "1e54-5868337310452"
Accept-Ranges: bytes
Content-Length: 7764
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
cdn.asaha.com/assets/thumbs/576/5762f22b0c0477d82fc5166fbf2c1195-s.jpg
188.40.148.218200 OK 1.8 kB URL HTTP/1.1 cdn.asaha.com/assets/thumbs/576/5762f22b0c0477d82fc5166fbf2c1195-s.jpg
IP 188.40.148.218:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 3\012- data
Hash 3d60c0c4ffbbc251eca0524e11946807
bfb20b7c4d5edc3c7f15ee9c80e28fcf306c89ed
e8b61f15981160756db7726a710c60f8bc9a4ed209ec269d54b871a51fc57d99
GET /assets/thumbs/576/5762f22b0c0477d82fc5166fbf2c1195-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 05 Mar 2019 21:43:33 GMT
ETag: "710-5835fc3c4c4e8"
Accept-Ranges: bytes
Content-Length: 1808
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
cdn.asaha.com/assets/thumbs/cfa/cfaf05187807d47de98ae1bd6149e306-s.jpg
188.40.148.218200 OK 3.8 kB URL HTTP/1.1 cdn.asaha.com/assets/thumbs/cfa/cfaf05187807d47de98ae1bd6149e306-s.jpg
IP 188.40.148.218:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Hash 05a5d55d01950ec13b4c2ace2a412595
945d48349cd422f2db28cdc07c69fef653b2d76f
73f418004cc5d38af3a89581600f448324b4f3f689efb45020eca1c49de6463c
GET /assets/thumbs/cfa/cfaf05187807d47de98ae1bd6149e306-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 09 Mar 2019 17:14:46 GMT
ETag: "ecf-583ac79e86403"
Accept-Ranges: bytes
Content-Length: 3791
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
cdn.asaha.com/assets/thumbs/2b5/2b5e20d531cef2f11da9cf446272599b-s.jpg
188.40.148.218200 OK 5.6 kB URL HTTP/1.1 cdn.asaha.com/assets/thumbs/2b5/2b5e20d531cef2f11da9cf446272599b-s.jpg
IP 188.40.148.218:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Hash 0ea91aa6617ade6ff2d468aa8dbbd5af
22ed94e61986671613309056e48241a007c15d4a
a6a41b3a3825978841b80baaf15311dc3397f0a147bc0b5372cfaf810bf3f629
GET /assets/thumbs/2b5/2b5e20d531cef2f11da9cf446272599b-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Wed, 13 Mar 2019 07:07:48 GMT
ETag: "15f5-583f476941a40"
Accept-Ranges: bytes
Content-Length: 5621
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
clouddecrease.com/df4b7efb45757e4dbe9ea4dd784ddb26/invoke.js
192.243.59.13200 OK 9.3 kB URL HTTP/1.1 clouddecrease.com/df4b7efb45757e4dbe9ea4dd784ddb26/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25094), with no line terminators
Hash bfeeb154937591d8a1987a91edd0d369
50de696d92200534098112077bbc65fcd6431292
d6dacbe393a3c39580ae6783b8a58dc48ee5f711139f2abb9978a7242e942611
Analyzer Verdict Alert quad9 Sinkholed
GET /df4b7efb45757e4dbe9ea4dd784ddb26/invoke.js HTTP/1.1
Host: clouddecrease.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 22 Jan 2023 20:52:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6934ecedcf396a23e1563a016ed8a15a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
resources.infolinks.com/js/1842.018-3.025.ab.1837.005-3.025/ice.js
172.66.42.247200 OK 58 kB URL HTTP/2 resources.infolinks.com/js/1842.018-3.025.ab.1837.005-3.025/ice.js
IP 172.66.42.247:0
Hash e214bb5ff201cae6440afedcc9807ba6
9cb8951c559cc76a8fb0fbc9b188078b38d58a17
07de1d3aa5959ed5c3eacda3542b9b9ecca6bec54444038af7ae839cce282934
GET /js/1842.018-3.025.ab.1837.005-3.025/ice.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:46 GMT
content-type: application/javascript
last-modified: Wed, 18 Jan 2023 06:52:22 GMT
etag: W/"2d37f-5f284421f9e82"
cache-control: max-age=2592000
expires: Tue, 21 Feb 2023 19:20:24 GMT
via: 1.1 google
cf-cache-status: HIT
age: 5542
vary: Accept-Encoding
server: cloudflare
cf-ray: 78db2ce05870b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b6a7b076a30a5406b12344e01ba2d7ea
17e8497f4041b0c7e6fe4a13cfc5fe634c622fc5
5c82bf44b7ea0d2399d52df26b0ebc574cea4c4ff5d34423d07a1fc20e2e3587
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 22 Jan 2023 20:41:07 GMT
expires: Sun, 22 Jan 2023 22:41:07 GMT
cache-control: public, max-age=7200
age: 699
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/asahainc/loader.js
151.101.193.44200 OK 22 kB URL HTTP/2 cdn.taboola.com/libtrc/asahainc/loader.js
IP 151.101.193.44:0
File type ASCII text, with very long lines (65508)
Hash eaab536e6706e43693f6b648f7278703
61cfe2e91d2871dc90b32c9585afffcd5937d182
c627bc1999871daff491c3f7e30ba67671d91b1f37e200e27fc5d23b0e2fe21e
GET /libtrc/asahainc/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: y0TzCxJYhCeu3/NOzCNsb2Db0mFOgF6BO2qgA2YeHzL5GDLKh8l3rP2ieOCbx4gPKFj2zRx4ICw=
x-amz-request-id: 0T3H20CV7QSRFGJQ
last-modified: Thu, 15 Dec 2022 16:49:52 GMT
etag: "5dac8e0d4667c84262fa76c08e4bd3a5"
x-amz-version-id: nAh7PaY8DRUJzUurrCRQ44nReV5jRU2h
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 22 Jan 2023 20:52:46 GMT
via: 1.1 varnish
age: 78
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1674420767.826550,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 64
content-length: 21821
X-Firefox-Spdy: h2
play.google.com/intl/en_us/badges/images/generic/en_badge_web_generic.png
142.250.74.78302 Found 284 B URL HTTP/2 play.google.com/intl/en_us/badges/images/generic/en_badge_web_generic.png
IP 142.250.74.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 9eb20e53f15c05dec7817750a07830e1
28c80c8b3546ead8bf99e0523cd85da02452d1c4
0de5342646b1fbde8390c9adfef31f1b443e2ccdeb921d90e037e04e61fb1214
GET /intl/en_us/badges/images/generic/en_badge_web_generic.png HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 22 Jan 2023 20:52:46 GMT
server: sffe
content-length: 284
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b6a7b076a30a5406b12344e01ba2d7ea
17e8497f4041b0c7e6fe4a13cfc5fe634c622fc5
5c82bf44b7ea0d2399d52df26b0ebc574cea4c4ff5d34423d07a1fc20e2e3587
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bb5fac1f289cb91381d3d1a07094b179
df6f8fe7a21efb35290d24f2b8b0fe809cae8d33
34472778a647b2db33e669d8582b510d94d9e0d355d77c73d643b7495b0f6997
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 4dab8a11f6f832896613d012233bf6ba
05fb1e721b40793fc921c840b2b89d732868184a
04948e2b6ac1e964c58eb5cdee1bbb5adc6d5a80edb63bf96e62426d19c2f5ab
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 22 Jan 2023 20:52:46 GMT
Last-Modified: Sun, 22 Jan 2023 19:16:28 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CYPuX-AemuuwMGuLXcJZav1XUJdgVSt2xNjYXFvB0Vlzo41lSnfJVA==
Age: 5778
simplewebanalysis.com/stats
52.29.129.178200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.129.178:0
File type ASCII text, with no line terminators
Hash 30b1659bf2140e3354abd46bd453dc84
a5bb2e7c7c084d23c560e593f8ede8aa65147e8d
17ef2673030011e69849d27dc4db19af1eb095805a68897d2f70ffcb365185c5
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pdfdrive.com
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:46 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.pdfdrive.com
access-control-allow-credentials: true
set-cookie: uid_id2=7c4c6654-71ad-4e95-9c48-2b98275e2c71:2:1; expires=Wed, 19 Jan 2033 20:52:46 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 1.3 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7f21c34b3bfa0cb62d7d69d5e6e8a62e
246e5b97717bffea4b00d065ce6379108f308b29
4b20ad4ba80bdf9aa035275e931df639a9ef7c7d2bb92933274433236ae7b1a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5313
Expires: Sun, 22 Jan 2023 22:21:20 GMT
Date: Sun, 22 Jan 2023 20:52:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F612dbd3f-3cd3-44bd-8729-b4d4aa118f87.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F612dbd3f-3cd3-44bd-8729-b4d4aa118f87.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b7dac109bc648666356225a0d21ed17
f07e82cffe064c296cb1b2c80f7b09feb7552bbe
cc8997d71cd85021addccb0f6a0f00edf95f9747333ff0a436581db4ede78f51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F612dbd3f-3cd3-44bd-8729-b4d4aa118f87.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6102
x-amzn-requestid: 256e7b90-3052-41f7-abcf-43c455a2ee7c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHOFfEZtIAMFWhA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d56-3237bb0a1f86766b5eb86e82;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:47:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8pl8mAIA_RrOxBgjRkNf9IgG3b7K8R7ypfXIF_APxZr3_2lYnIB8rA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 22:07:46 GMT
age: 81901
etag: "f07e82cffe064c296cb1b2c80f7b09feb7552bbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f86ec004a2042b4030cd2cce2bf1e1d
e3c00dcc55f095f03a6f4505960ac1cee0b3877c
64b5084d4145d5931af05c335d21e31e75db30b1f9e8a2efd92fc4cd0aa7ac07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8221
x-amzn-requestid: 02db02af-4f05-450d-9370-0e7a9dda6948
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHOEWGUMoAMF2QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d4e-050e7cdf21878aa159f36d0b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:46:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VtzsQ7NI9ODiQfxm_EaSDsizPQhDOSH3O23UEaHg1KI9bg8imLdOnw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:16 GMT
age: 83071
etag: "e3c00dcc55f095f03a6f4505960ac1cee0b3877c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e71636bb9a13ad7d52d253e16cd6a3f
401dd58e34982d3434739b9a2f7182487ea1cac5
1ac336df72b6eb569983e197f094378a26a175113249bedca0610cabd57e2e54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8057
x-amzn-requestid: 5469b005-6740-4f3d-80ca-a45fd39cae68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkCFiZoAMF8oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c80-210da08f113a3273257b7d61;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: j3SoP46ER0JjOaLh363bQ9QW4ZIW19_rbgeQ7Ey8W-zgyGMMLSLccA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:17 GMT
etag: "401dd58e34982d3434739b9a2f7182487ea1cac5"
content-type: image/jpeg
age: 83070
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d78dc13-3c8d-4c31-8f64-3f9de4ba79d1.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d78dc13-3c8d-4c31-8f64-3f9de4ba79d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2aec02a691f126259e2a3c701e322ffe
af9161eefc1ee381a8f531c593ea7354d73493eb
e0094d54ca9bbbc4154abec2ce152453ddb1544e020b4a859e5da1f7073a26d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d78dc13-3c8d-4c31-8f64-3f9de4ba79d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4796
x-amzn-requestid: 9ad3dcbc-3d19-4619-a8cb-b316a8d51290
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e7ULpHgKIAMFmYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c79a4a-769bcf2f4d7787d007ec30e2;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 07:05:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -TjivJmHgT_N2QWC1rn8ng1sl5h53FcgoU9ALMINJEY6onseYEWGRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 08:07:27 GMT
age: 45920
etag: "af9161eefc1ee381a8f531c593ea7354d73493eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RlbJymJhU6Ti5RZCSIvPzloackAiBEBGapKI440u4ZIfB5FYBNugLw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 03:24:49 GMT
age: 62878
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0b111b9-f539-44ed-9667-4c69b6c7fc17.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0b111b9-f539-44ed-9667-4c69b6c7fc17.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 948fa7fe4ba4b6dd0d31cbcb06fc0957
664552f4c80796a63353e62196bd6e05177e4d95
342a38f0c7e058c3e5ef402df230c656926baea5e82f912ff5f1efb1889a6150
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0b111b9-f539-44ed-9667-4c69b6c7fc17.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10204
x-amzn-requestid: a3fe3da3-19c8-40cc-945a-12b9985a948e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYXGGAZoAMF6Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca0760-3b65934a7cad371d7b049ae2;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KvDIbsxcuLhmy8IkuaziGP0ABqEEf-JVOezo1vUc8mDLf2-hvF6Xwg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 04:00:37 GMT
age: 60730
etag: "664552f4c80796a63353e62196bd6e05177e4d95"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 564a72806387e81ebdfbb0129f353d18
bcb32589b0edca710946d1bb3c52984f83b16efa
68268133207de7b929dd9c222d67d1df50bc998bc42651da8ce10a0e43796816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68268133207DE7B929DD9C222D67D1DF50BC998BC42651DA8CE10A0E43796816"
Last-Modified: Fri, 20 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6756
Expires: Sun, 22 Jan 2023 22:45:23 GMT
Date: Sun, 22 Jan 2023 20:52:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 564a72806387e81ebdfbb0129f353d18
bcb32589b0edca710946d1bb3c52984f83b16efa
68268133207de7b929dd9c222d67d1df50bc998bc42651da8ce10a0e43796816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68268133207DE7B929DD9C222D67D1DF50BC998BC42651DA8CE10A0E43796816"
Last-Modified: Fri, 20 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9809
Expires: Sun, 22 Jan 2023 23:36:16 GMT
Date: Sun, 22 Jan 2023 20:52:47 GMT
Connection: keep-alive
cdn.taboola.com/libtrc/impl.20221215-12-RELEASE.js
151.101.193.44200 OK 148 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20221215-12-RELEASE.js
IP 151.101.193.44:0
File type ASCII text, with very long lines (65508)
Size 148 kB (148069 bytes)
Hash 1ece2524f4e13b48156b677a246be3e2
0d33cf3838f1d6e99b6df2bf9c42824b6e036331
b6c03171a2754b6acd58ad2c598e1e10c4d19c5e555627b767bae52f63ad6857
GET /libtrc/impl.20221215-12-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: A42zZb7068fFajUzWEgcXv2LDfrQjhbCQQNpupIV7nILSB5OQ9eOf9AJagA8sjb2JAevE+rUn0k=
x-amz-request-id: 44VF2FFJTFNTZMQP
last-modified: Mon, 19 Dec 2022 11:42:14 GMT
etag: "1ece2524f4e13b48156b677a246be3e2"
content-encoding: br
x-amz-version-id: MU1S4JEfWy4cxtfi5_yqUyVdR_QtkyMa
content-type: application/javascript
accept-ranges: bytes
date: Sun, 22 Jan 2023 20:52:47 GMT
via: 1.1 varnish
age: 7675
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1674420767.206337,VS0,VE1
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 2
server: AmazonS3-br
content-length: 148069
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7c6bf9c5dd251c132a9dd2fd245d4cf1
eae67c09237f096192bed2dcd49a33faab402410
268736e0a2fcc9f57ef3ca0520e15cebc37ab60bc66b8610a105bbd5bb309ea5
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4063
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:47 GMT
Last-Modified: Sun, 22 Jan 2023 19:45:04 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6424e73a80bde44d808a2cd4833f0dd9
66c6174b2ce398b76b06ed0640159d4342be7373
62466c1fb7db40485fc89893bd8bb78edf6a5a1ecd177d1bf55b34b7dd06067d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2101
Cache-Control: max-age=134322
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:47 GMT
Etag: "63cd039c-1d7"
Expires: Tue, 24 Jan 2023 10:11:29 GMT
Last-Modified: Sun, 22 Jan 2023 09:36:28 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
router.infolinks.com/usync/lcmanage?pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue
172.66.42.247200 OK 0 B URL HTTP/2 router.infolinks.com/usync/lcmanage?pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue
IP 172.66.42.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/lcmanage?pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-length: 0
cache-control: no-store
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce30c91b4f9-OSL
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
185.89.210.90307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
AN-X-Request-Uuid: 02249a3b-8a8b-4fcc-ae2a-32ef634bab64
Set-Cookie: uuid2=3305077371833796672; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 22-Apr-2023 20:52:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
172.64.154.237302 Found 12 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
IP 172.64.154.237:0
Hash bb9c1a9e52b90c314c8961bfd5e315d2
856997e7fe76d59e1c42ff85ba3139436229d9b4
e45c93b4400c851e909298469b6bfb4fad7f07f97e4f91cc522bbc88040814fd
GET /usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-length: 0
location: /usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
cf-ray: 78db2ce3ab8d0b02-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y82iHwFZ.dkAB90raIXEaQAA; Path=/; Domain=casalemedia.com; Expires=Mon, 22 Jan 2024 20:52:47 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=1830; Path=/; Domain=casalemedia.com; Expires=Sat, 22 Apr 2023 20:52:47 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=1830; Path=/; Domain=casalemedia.com; Expires=Sat, 22 Apr 2023 20:52:47 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59%2BlkcvCxDV%2BvCjUra%2BLLdFxFAYWBU2XZx7k6m5KcZZ4YPlviJQN5l%2BPv%2BHEDit7RXINJp%2BijRRdhzxCIMRAJk34wTaoKRJ6s%2Bv4vNF%2FChIL%2F7hadpW%2BEXQptyrDai%2FvI45MB9le8rka8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 12e5d9b5e263fdd42d7b52b8559df4ba
35390c11696db10e84f0d65614c126e7d57da88b
146923d8eb544505fb6d7f85eedc50a386b7244057340aa0f9eda4c477825eb2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 21 Jan 2023 13:55:56 GMT
Expires: Sat, 28 Jan 2023 13:55:55 GMT
Etag: "35390c11696db10e84f0d65614c126e7d57da88b"
Cache-Control: max-age=492787,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78db2ce3a94eb50f-OSL
u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
35.244.159.8200 OK 56 B URL HTTP/2 u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
IP 35.244.159.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 15669dda86db3cbff7835fa202dc0b16
ce788cab9c1aa7e458a3971a59702c410b37e64d
5cc3f958039a8885c4e9526e22d454da47d579b9a02861e7a60b41fa0ba910df
GET /w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP/1.1
Host: u.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/html
content-length: 56
content-encoding: gzip
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID
185.64.190.79302 Found 267 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID
IP 185.64.190.79:0
File type HTML document, ASCII text
Hash 4c3b0ed5d0694dfc6293df9d26db3427
d24a807f496ede8c6860cdfaef65db160c5bd622
bd7d1d9ab7cd90754ced171b8a2a5f8585295a99cbdaeeb377019e772442efe4
GET /AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: /AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Sun, 22 Jan 2023 20:52:46 GMT
content-length: 267
X-Firefox-Spdy: h2
image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID
185.64.190.79302 Found 272 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID
IP 185.64.190.79:0
File type HTML document, ASCII text
Hash ebb92a4e4bfa9f49081d6d5490b87169
e986871fb2a1067935b9f45ff4ba155383056b29
fd3de728a94f948ba814f33b0020466ae949a4c493784a6b7a5f23687385747d
GET /AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: /AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Sun, 22 Jan 2023 20:52:45 GMT
content-length: 272
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.pdfdrive.com%252Fsearch%253Fq%253DJ.%252BB.%252BEisenkraft%2526more%253Dtrue&pid=12306&adnxs_uid=$UID
185.89.210.90307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.pdfdrive.com%252Fsearch%253Fq%253DJ.%252BB.%252BEisenkraft%2526more%253Dtrue&pid=12306&adnxs_uid=$UID
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.pdfdrive.com%252Fsearch%253Fq%253DJ.%252BB.%252BEisenkraft%2526more%253Dtrue&pid=12306&adnxs_uid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.pdfdrive.com%25252Fsearch%25253Fq%25253DJ.%25252BB.%25252BEisenkraft%252526more%25253Dtrue%26pid%3D12306%26adnxs_uid%3D%24UID
AN-X-Request-Uuid: 98959e8b-2976-449c-8807-3ce405270563
Set-Cookie: uuid2=6806222058902591307; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 22-Apr-2023 20:52:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E
23.38.200.22302 Moved Temporarily 154 B URL HTTP/1.1 cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E
IP 23.38.200.22:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060
GET /cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E HTTP/1.1
Host: cs.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: Apache
Content-Length: 154
Content-Type: text/html
Location: https://router.infolinks.com/dyn/mnet-usync?uid=0000EEA
Set-Cookie: data-inf=setstatuscode~~41;Expires=Sat, 22 Apr 2023 20:52:47 GMT;path=/;domain=.media.net;
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
X-MNET-HL2: E
Expires: Sun, 22 Jan 2023 20:52:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 22 Jan 2023 20:52:47 GMT
Connection: keep-alive
image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1
185.64.190.79200 OK 0 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1
IP 185.64.190.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-length: 0
X-Firefox-Spdy: h2
image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1
185.64.190.79200 OK 0 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1
IP 185.64.190.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1 HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:46 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 7ef60e839dbeac80f9b9d04c8d675772
519f3f08267b6ad5edc410867d3ebbb5ab53cc1c
99245dbd8262b1fc447459709e9babb2b8afb1807b0dbc3ec816c6e9c2a2f6c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4852
Cache-Control: max-age=151895
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:47 GMT
Etag: "63cd3d82-138"
Expires: Tue, 24 Jan 2023 15:04:22 GMT
Last-Modified: Sun, 22 Jan 2023 13:43:30 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 07a386cd54caf47f1721ea096723f97a
6febb519d7286067aff2d49ef00cb3b06f50ad50
da9696363cd10f4c812865d7b70059b374711bc3749392ef5148ed865e7f8f72
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4802
Cache-Control: max-age=157184
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:47 GMT
Etag: "63cd525d-1d7"
Expires: Tue, 24 Jan 2023 16:32:31 GMT
Last-Modified: Sun, 22 Jan 2023 15:12:29 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
router.infolinks.com/dyn/iq-usync
172.66.42.247200 OK 0 B URL HTTP/2 router.infolinks.com/dyn/iq-usync
IP 172.66.42.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dyn/iq-usync HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/usync/manage?pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-length: 0
cache-control: no-store
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce30c8fb4f9-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 07a386cd54caf47f1721ea096723f97a
6febb519d7286067aff2d49ef00cb3b06f50ad50
da9696363cd10f4c812865d7b70059b374711bc3749392ef5148ed865e7f8f72
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4802
Cache-Control: max-age=157184
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:47 GMT
Etag: "63cd525d-1d7"
Expires: Tue, 24 Jan 2023 16:32:31 GMT
Last-Modified: Sun, 22 Jan 2023 15:12:29 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
onetag-sys.com/usync/?pubId=598ce3ddaee8c90
51.89.9.253204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=598ce3ddaee8c90
IP 51.89.9.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=598ce3ddaee8c90 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
185.89.210.90302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://router.infolinks.com/dyn/apn-usync?user_id=0
AN-X-Request-Uuid: 003609e2-5623-4a54-88d8-abfd111b8e95
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ups.analytics.yahoo.com/ups/58422/occ
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58422/occ
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58422/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBB-izWMCEIA_aZAlKk-mqj-ZCwPrnFoFEgEBAQHzzmPXYwAAAAAA_eMAAA&S=AQAAAhJbQ4DfGyAu4socv_8davA; Expires=Tue, 23 Jan 2024 02:52:47 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
3.126.56.137301 Moved Permanently 360 B URL HTTP/2 pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
IP 3.126.56.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ef184c6b065a63adf6c94f609c0a0c72
12e8af72d7af8f029d4300991e1eda7ec9f2545b
b01d8ed4f119579d92815a648e454327ae4af8a4592e98462fb72f414ddba9af
GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP/1.1
Host: pixel.advertising.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 22 Jan 2023 20:52:47 GMT
server: ATS/9.1.10.25
cache-control: no-store
location: https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
content-type: text/html
content-language: en
set-cookie: A3=d=AQABBB-izWMCEOlYoOJ2ZvE3SSvixkuHnj8FEgEBAQHzzmPXYwAAAAAA_eMAAA&S=AQAAAhhey_KZGMOcu3fJ8qqvcPY; Expires=Tue, 23 Jan 2024 02:52:47 GMT; Max-Age=31557600; Domain=.advertising.com; Path=/; SameSite=None; Secure; HttpOnly
content-length: 360
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7c6bf9c5dd251c132a9dd2fd245d4cf1
eae67c09237f096192bed2dcd49a33faab402410
268736e0a2fcc9f57ef3ca0520e15cebc37ab60bc66b8610a105bbd5bb309ea5
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5528
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:47 GMT
Last-Modified: Sun, 22 Jan 2023 19:20:39 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.pdfdrive.com%25252Fsearch%25253Fq%25253DJ.%25252BB.%25252BEisenkraft%252526more%25253Dtrue%26pid%3D12306%26adnxs_uid%3D%24UID
185.89.210.90302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.pdfdrive.com%25252Fsearch%25253Fq%25253DJ.%25252BB.%25252BEisenkraft%252526more%25253Dtrue%26pid%3D12306%26adnxs_uid%3D%24UID
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.pdfdrive.com%25252Fsearch%25253Fq%25253DJ.%25252BB.%25252BEisenkraft%252526more%25253Dtrue%26pid%3D12306%26adnxs_uid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&pid=12306&adnxs_uid=0
AN-X-Request-Uuid: 41ec593c-e1ef-4fea-bb10-872215bd6571
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 22d545cefdcd523199926afe1f1209fd
811e009f8a54d6e6f687f5b46957aff4b0660c94
8fb316683e2c8be4926990029703484aaef610f2e9f9be9bb332e248b68b9c55
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149416
Date: Sun, 22 Jan 2023 20:52:47 GMT
Etag: "63cd339e-1d7"
Expires: Tue, 24 Jan 2023 14:23:03 GMT
Last-Modified: Sun, 22 Jan 2023 13:01:18 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YPZElMR8jxMX45wPHkaQ3lzIGiIGcuAJXLUjbGibLXv9zjKes_dyeA==
Age: 4905
router.infolinks.com/dyn/mnet-usync?uid=0000EEA
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/mnet-usync?uid=0000EEA
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/mnet-usync?uid=0000EEA HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: MNETUSERCOOKIE=0000EEA; Domain=infolinks.com; Expires=Sat, 22-Apr-2023 20:52:47 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Sat, 22 Jan 2022 20:52:47 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce44e9cb4f9-OSL
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58422/occ?verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58422/occ?verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58422/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 22 Jan 2023 20:52:47 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBB-izWMCEABrkqECUNDM5BOqiKEK_xMFEgEBAQHzzmPXYwAAAAAA_eMAAA&S=AQAAAm0WQGXF8BU8mRsBUyuVwgg; Expires=Tue, 23 Jan 2024 02:52:47 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
frolicbrook.com/a2/71/08/a2710803631d2a6fc90c289bfea08cdc.js
192.243.59.20200 OK 29 kB URL HTTP/1.1 frolicbrook.com/a2/71/08/a2710803631d2a6fc90c289bfea08cdc.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash d987b704df851d6a2b172edf97c1da8a
0d6cb65ef4eaed02639defb5de3c25591057fa48
e676b08b16fed4665fae897581943288e2bb97face68002972b60ececd5fd140
Analyzer Verdict Alert quad9 Sinkholed
GET /a2/71/08/a2710803631d2a6fc90c289bfea08cdc.js HTTP/1.1
Host: frolicbrook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 447a3c65fb78bb134f58fb0a1fc0017e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBB-izWMCENeoZ6iH5TSHUesPx0ujOicFEgEBAQHzzmPXYwAAAAAA_eMAAA&S=AQAAAmxEva-lGkHEkR9qMYJE5xo; Expires=Tue, 23 Jan 2024 02:52:47 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
frolicbrook.com/ntv.json?key=df4b7efb45757e4dbe9ea4dd784ddb26&vstc=1
192.243.59.20200 OK 4.1 kB URL HTTP/1.1 frolicbrook.com/ntv.json?key=df4b7efb45757e4dbe9ea4dd784ddb26&vstc=1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (4119), with no line terminators
Hash ead61b46fbb2c0b0ae93d6eb528854b8
a36b6432422cddeaeb72d379a53699af32ae6a3e
745b096f4a9cdfb50f5f7bd8492f780fe6d01335916eb143221d42c348a3ab1b
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=df4b7efb45757e4dbe9ea4dd784ddb26&vstc=1 HTTP/1.1
Host: frolicbrook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pdfdrive.com
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: application/json
Content-Length: 4119
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.pdfdrive.com
Access-Control-Allow-Origin: https://www.pdfdrive.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17340372; expires=Mon, 23 Jan 2023 20:52:47 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 23 Jan 2023 20:52:47 GMT; secure; SameSite=None
uncs=1; expires=Mon, 23 Jan 2023 20:52:47 GMT; secure; SameSite=None
pdhtkv49=true; expires=Mon, 23 Jan 2023 20:52:47 GMT; secure; SameSite=None
uncs49=1; expires=Mon, 23 Jan 2023 20:52:47 GMT; secure; SameSite=None
nlecdf4b7efb45757e4dbe9ea4dd784ddb26=[2229214]; expires=Sun, 22 Jan 2023 20:52:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fdb3b09696b21310b2a72b2077d8b3b9
Strict-Transport-Security: max-age=0; includeSubdomains
stackpath.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
104.18.11.207200 OK 22 kB URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (65325)
Hash 0521039971bb7128cbd3d4f7301c2392
e856e76bc39c3cf3e7c5dbba7ac318a8e69cb37e
58ba905cbbc06b830a676586e16c2c0385fda703d763849dae41c8fb70f20539
GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pdfdrive.com
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:46 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 01/30/2022 11:18:43
cdn-edgestorageid: 756
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 4bb03228281b4b0985289509643bca81
cdn-cache: HIT
cf-cache-status: HIT
age: 19869756
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78db2cdb7e5f1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/infolinks?zcc=1&cb=1674420767388
213.19.147.45302 Found 35 B URL HTTP/2 sync.1rx.io/usersync2/infolinks?zcc=1&cb=1674420767388
IP 213.19.147.45:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /usersync2/infolinks?zcc=1&cb=1674420767388 HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://router.infolinks.com/dyn/r1-usync?uid=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2
router.infolinks.com/dyn/ix-usync?uid=0
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/ix-usync?uid=0
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/ix-usync?uid=0 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssum-sec.casalemedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/gif
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce47edeb4f9-OSL
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/infolinks
213.19.147.45302 Found 16 kB URL HTTP/2 sync.1rx.io/usersync2/infolinks
IP 213.19.147.45:0
Hash 6815d7c737f34c721c4ee857910ba574
be7f85caf4b4034e2421f9ecc4643780a8189919
491487edf7e1091a28177f86c629f9d5191ea3d61f65a9d7f7ccea540a909997
GET /usersync2/infolinks HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-5e523a26-e9e8-45b6-aebe-1a6569ee965c-003%22%2C%22zdxidn%22%3A%222109%22%7D; path=/; expires=Mon, 22 Jan 2024 20:52:47 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1674420767388
etag: RX5e523a26e9e845b6aebe1a6569ee965c003
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 49f4099c273c6b5341600aaeb4396470
bc361fdc89efe73562b4af8fca1fce26afaad2cb
44744da2c501642aa4015c059a546328442ff0fa07b4e28ff2d2f563676442c9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101180
Date: Sun, 22 Jan 2023 20:52:47 GMT
Etag: "63cc8537-1d7"
Expires: Tue, 24 Jan 2023 00:59:07 GMT
Last-Modified: Sun, 22 Jan 2023 00:37:11 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hNcCwFlB8or7uyOjLZ9cZcbSPm0Ab1_YP_JkxEs-S70SrMqCx9OITQ==
Age: 1316
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 94a1022dd581ad036d18a2c99c15818e
6775b9e933b1d6b935537fdb128eca1b7726cfbb
535e9a818da1c51e183172f6df671716188cda8bdd587c76837a867d2784a810
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 21 Jan 2023 21:19:08 GMT
Expires: Sun, 22 Jan 2023 21:19:08 GMT
ETag: "6775b9e933b1d6b935537fdb128eca1b7726cfbb"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 22 Jan 2023 20:52:47 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBB-izWMCEKYy3G6Se0pvhlU5_1-98p0FEgEBAQHzzmPXYwAAAAAA_eMAAA&S=AQAAAj-akOG9jo3w7m1osDpNrWI; Expires=Tue, 23 Jan 2024 02:52:47 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0
91.228.74.251302 Found 0 B URL HTTP/2 cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0
IP 91.228.74.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/p-u1vdacBMXAcfT.gif?idmatch=0 HTTP/1.1
Host: cms.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-length: 0
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://router.infolinks.com/dyn/qc-usync?&uid=QFPuCRdSvAtbWOhYF1igCxJZ6V9bVegORlmgiaW5
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: d=EF8BDQGOKM2aswA; expires=Sat, 22-Apr-2023 20:52:47 GMT; path=/; domain=.quantserve.com
mc=63cda21f-8e5a8-fd9d2-5ec09; expires=Thu, 22-Feb-2024 20:52:47 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
52.58.98.23302 Found 0 B URL HTTP/2 ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
IP 52.58.98.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
set-cookie: tuuid=67464468-c001-496e-a191-7207ab2165ad; Expires=Sat, 22 Apr 2023 20:52:47 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1674420767; Expires=Sat, 22 Apr 2023 20:52:47 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 301d2c109bca66b8626ccc987d800908
69008a77c3c1858a8d178077e9720c362715df4e
455f5a207f4a05c0542e62c014dae49c2cf407f3aa17cdd86c50cbcbb37d9739
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2327
Cache-Control: max-age=108330
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:47 GMT
Etag: "63cc9d32-1d7"
Expires: Tue, 24 Jan 2023 02:58:17 GMT
Last-Modified: Sun, 22 Jan 2023 02:19:30 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
router.infolinks.com/dyn/ur-usync?uid=OPTOUT
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/ur-usync?uid=OPTOUT
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/ur-usync?uid=OPTOUT HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: URUSERCOOKIE=OPTOUT; Domain=infolinks.com; Expires=Sat, 22-Apr-2023 20:52:47 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Sat, 22 Jan 2022 20:52:47 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce48eedb4f9-OSL
X-Firefox-Spdy: h2
ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
216.52.2.48204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
IP 216.52.2.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sun, 22 Jan 2023 20:52:47 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap5ams1
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash a501f3b747b318a37ce010d0d596009c
c8a319fe3f6620684da93d06e4c66c82ecf05895
125a1a002ee07ef7a929032c9405b7afa3516937498b22653304bc508d43f5c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4101
Cache-Control: max-age=144656
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:47 GMT
Etag: "63cd242a-138"
Expires: Tue, 24 Jan 2023 13:03:43 GMT
Last-Modified: Sun, 22 Jan 2023 11:55:22 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 312
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash dcbaae1e7f3c02600153acb79718b564
0f9f92f60e3eec860e8d77116659731a377b453e
79a0d531c96ccf6e042ddeaa2c42d4827c30e23fae924710b7fe53a49ab801ca
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 21 Jan 2023 21:03:45 GMT
Expires: Sun, 22 Jan 2023 21:03:45 GMT
ETag: "0f9f92f60e3eec860e8d77116659731a377b453e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
52.58.98.23200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
IP 52.58.98.23:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
trc-events.taboola.com/asahainc/log/2/debug?tim=20%3A52%3A46.162&type=usage&msg=rtus&llvl=2&id=6844&cv=20221215-12-RELEASE<=deflated&uuid=4b54b40f975672ac07d937589199b185d89788aeec7cc4678eb72db480f7c66d&dcc=1&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/asahainc/log/2/debug?tim=20%3A52%3A46.162&type=usage&msg=rtus&llvl=2&id=6844&cv=20221215-12-RELEASE<=deflated&uuid=4b54b40f975672ac07d937589199b185d89788aeec7cc4678eb72db480f7c66d&dcc=1&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /asahainc/log/2/debug?tim=20%3A52%3A46.162&type=usage&msg=rtus&llvl=2&id=6844&cv=20221215-12-RELEASE<=deflated&uuid=4b54b40f975672ac07d937589199b185d89788aeec7cc4678eb72db480f7c66d&dcc=1&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 22 Jan 2023 20:52:47 GMT
x-fastly-to-nlb-rtt: 22380
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash e15cf3abfd51b820848714be5b338395
eb85d60de39eb873bfba6603da5e216223a04147
67d2070428e9dbcaf8d880ed27e91947b40e2d3d25c6344cf3189b5a06425034
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 21 Jan 2023 13:57:51 GMT
Expires: Sat, 28 Jan 2023 13:57:50 GMT
Etag: "eb85d60de39eb873bfba6603da5e216223a04147"
Cache-Control: max-age=492902,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78db2ce5c8970b69-OSL
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 20e85a6243a2fdb18c9653ff40fcfe11
712f65191ca92daa6524eb48b310ebdc669e6c38
591f76281635664c65a7e60eb72ab03e3084889c36da6ab48a9d353d526616b8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144435
Date: Sun, 22 Jan 2023 20:52:47 GMT
Etag: "63cd2576-1d7"
Expires: Tue, 24 Jan 2023 13:00:02 GMT
Last-Modified: Sun, 22 Jan 2023 12:00:54 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: L0jHc3Aetc_dx3TkiGh6hRodferidNfBDyLHDI594SRXoWot61LtdQ==
Age: 3548
b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
70.42.32.31302 Found 70 B URL HTTP/1.1 b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
IP 70.42.32.31:0
File type HTML document, ASCII text
Hash 16ccc9da763aca428789e4f469fc7ff1
4a873c523b8d9bdbc30b8c48189817413a19ee7a
5be7e833013b4b10333a904010b01217263df39c501a29b146d072110ceea4a1
GET /usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Content-Length: 70
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Sun, 22 Jan 2023 20:52:47 GMT
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash dd2096a4a7a5c3188c201786c1ac237e
109727a040df8cc210e6a2136e693b4250840781
2829dfd0e6ec9bf3983fe15523571ea19039f4d8cf78b25c891f73549ac9edb9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 19:14:50 GMT
Expires: Thu, 26 Jan 2023 19:14:49 GMT
Etag: "109727a040df8cc210e6a2136e693b4250840781"
Cache-Control: max-age=339121,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78db2ce60d75b4f4-OSL
router.infolinks.com/dyn/qc-usync?&uid=QFPuCRdSvAtbWOhYF1igCxJZ6V9bVegORlmgiaW5
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/qc-usync?&uid=QFPuCRdSvAtbWOhYF1igCxJZ6V9bVegORlmgiaW5
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/qc-usync?&uid=QFPuCRdSvAtbWOhYF1igCxJZ6V9bVegORlmgiaW5 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: QCUSERCOOKIE=QFPuCRdSvAtbWOhYF1igCxJZ6V9bVegORlmgiaW5; Domain=infolinks.com; Expires=Sat, 22-Apr-2023 20:52:47 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Sat, 22 Jan 2022 20:52:47 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce58888b4f9-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 480a84860b5a64f7d266b7fa095c70a3
e4409d282dc6da24e38b759bf00be0dec31b8581
ae7169c9a001e909bf63fa5828d66ed267b951b14a7f967682fc08c1c6e5e229
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 11:33:39 GMT
Expires: Sun, 29 Jan 2023 11:33:38 GMT
Etag: "e4409d282dc6da24e38b759bf00be0dec31b8581"
Cache-Control: max-age=570650,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78db2ce52ba3b50f-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2b2efca8c8196585d979ceab9f57e43
f12e303169c0d0f56488c3c94f748e1d1c0f1c14
22827ebe7f1adc4d02d82b33af14e04f3b30c74ba3b8af90e0905c8e407fcd7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22827EBE7F1ADC4D02D82B33AF14E04F3B30C74BA3B8AF90E0905C8E407FCD7B"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2776
Expires: Sun, 22 Jan 2023 21:39:03 GMT
Date: Sun, 22 Jan 2023 20:52:47 GMT
Connection: keep-alive
sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
69.166.1.12302 Found 22 kB URL HTTP/1.1 sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
IP 69.166.1.12:0
Hash 25732c5ea8b883b5456731900dfcdc07
879d1db7ad3539b241fc37c267665d6c50c2cf73
a9c8021baaf4c773797682cc61d6c9bb773f1360d208a17bf5ba9b3e5a2a6729
GET /us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D HTTP/1.1
Host: sync.go.sonobi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: text/plain; charset=utf8
Content-Length: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-36
X-Xss-Protection: 0
Location: https://router.infolinks.com/dyn/sonobi-usync?uid=481ad2e0-6c98-47b8-b7c3-350638957493
Server: sonobi-go
Set-Cookie: __uis=481ad2e0-6c98-47b8-b7c3-350638957493; expires=Tue, 21 Feb 2023 20:52:46 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None
HAPLB8S=s8536|Y82iI; path=/; domain=.go.sonobi.com; SameSite=None; secure
router.infolinks.com/dyn/apn-usync?user_id=0
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/apn-usync?user_id=0
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/apn-usync?user_id=0 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/gif
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce4df70b4f9-OSL
X-Firefox-Spdy: h2
s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&pid=12306&adnxs_uid=0
54.73.141.92200 OK 95 B URL HTTP/1.1 s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&pid=12306&adnxs_uid=0
IP 54.73.141.92:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9606fa62df0ffe87253f3baf418f0e42
fe8520ab0bf1622350513d685ece5faf70b4e8c1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
GET /ca.png?ref=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&pid=12306&adnxs_uid=0 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
cache-control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
pragma: no-cache, no-cache
set-cookie: cpSess=790006fbd658266; Expires=Mon, 22 Jan 2024 20:52:47 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
p3p: CP="NOI DEV ADM"
expires: Sun, 22 Jan 2023 20:52:47 UTC
frolicbrook.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3o0Y9KLBi7ji4EEUlkn3TE8m4x6CcY0E1yTuruRq%2FfWkTE1XU9U9PYmX6MKyx9mTP6fON8kG1yCud0UmgixhD2kEzcHcPQviUWYyEH3Q%2Fb6q7xV833vv7m52Rnxk9HTtfbOttKazjapfeX1dxcLkrrJyuxL4Vf9aZV3Fc%2BG1Sm%2F0s903A79R9d%2BovCv5ppmt%2BYHvB35QWVJWRqY3O2ahksNWUG351bBWDRohevb%2FZ5d5cNSD6J6RGShRPrXx%2BBEUHyLufHddus3UJFff6WSapsaiKw4%2BjDdjk8foXMDIeojig0k1jCsJ%2BeISTHwwcQDT3Rs5AFMl8X4LwOKDiUyw7v65UqYhYzDxLPLuEFIPoegQ3NyBEicE4AIrq4g7D1aMzenWOUtHbEmm%2Fv4LKi%2FJ1B8vIO58u6hVr3LL6CxVJnboRQVUbwjVHiLJjpBue1D5EXj6GZQgiDsFlCjGrpUaQkVDaNkHdR6y0ac8ZJGHLPHQEacV2mhFvt%2BMWFSvz4ec83qd88b8nGiIejgf%2Bcj4SFYfadIH131wu4PE7mBT3T9pzMBmP8FtFHDCg0tL4n2wg64okEuC3BHklCBXBHlKkHeLfaFdzRUPhHYZCya5Nsn1YmDS9i7dN2lbxmQ3OSPPj1riTX%2F%2BKzblaUVEIWvKiIWNZqMpQ8FkS9JQiOZ8KASrzcGpAspdGrvdViW5MvweiSrJ0x%2B9DEaP4PQRuHoJNAtA80Gz5oNuDMJ5H9vxYSIiYVVXVrnpQJgCSTqFdMvb1WfkxfFoXr18BsmPFx5eOZwOXvsT3BZIbIGP1c8EbX1vcNPkZO%2BmyR15tJqkqqO26Whst1KayssP35NbubFi%2Bbrrf%2F0WHxEjeHhbuvQGjYWK2458s6iEkHbJWC7JD8tuXbK1zG0sZjbOkhtrby8tdxIrnVMmHoKqk9V%2FwFVJpj79cbyQzz25C2WHsFmBTnZMJgFljsCTHbjkQr0zBFZf1LDEQ54VA1tjF5dalWS2OgUtjxf07zOfXP1lGpQVcPI%2FDy%2FwrruHtvVA0zvjVezaAl1dgOo%2BXPbMIE3s8cLjL0fxFZj2Bkxbb49pq%2B%2Bft9ep04psRH4k%2FZpkUYtFTeqLVhS2GG0FsskaNEDqSv4Er%2FwLAAD%2F%2FwEAAP%2F%2FWEg5IGwEAAA%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 frolicbrook.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3o0Y9KLBi7ji4EEUlkn3TE8m4x6CcY0E1yTuruRq%2FfWkTE1XU9U9PYmX6MKyx9mTP6fON8kG1yCud0UmgixhD2kEzcHcPQviUWYyEH3Q%2Fb6q7xV833vv7m52Rnxk9HTtfbOttKazjapfeX1dxcLkrrJyuxL4Vf9aZV3Fc%2BG1Sm%2F0s903A79R9d%2BovCv5ppmt%2BYHvB35QWVJWRqY3O2ahksNWUG351bBWDRohevb%2FZ5d5cNSD6J6RGShRPrXx%2BBEUHyLufHddus3UJFff6WSapsaiKw4%2BjDdjk8foXMDIeojig0k1jCsJ%2BeISTHwwcQDT3Rs5AFMl8X4LwOKDiUyw7v65UqYhYzDxLPLuEFIPoegQ3NyBEicE4AIrq4g7D1aMzenWOUtHbEmm%2Fv4LKi%2FJ1B8vIO58u6hVr3LL6CxVJnboRQVUbwjVHiLJjpBue1D5EXj6GZQgiDsFlCjGrpUaQkVDaNkHdR6y0ac8ZJGHLPHQEacV2mhFvt%2BMWFSvz4ec83qd88b8nGiIejgf%2Bcj4SFYfadIH131wu4PE7mBT3T9pzMBmP8FtFHDCg0tL4n2wg64okEuC3BHklCBXBHlKkHeLfaFdzRUPhHYZCya5Nsn1YmDS9i7dN2lbxmQ3OSPPj1riTX%2F%2BKzblaUVEIWvKiIWNZqMpQ8FkS9JQiOZ8KASrzcGpAspdGrvdViW5MvweiSrJ0x%2B9DEaP4PQRuHoJNAtA80Gz5oNuDMJ5H9vxYSIiYVVXVrnpQJgCSTqFdMvb1WfkxfFoXr18BsmPFx5eOZwOXvsT3BZIbIGP1c8EbX1vcNPkZO%2BmyR15tJqkqqO26Whst1KayssP35NbubFi%2Bbrrf%2F0WHxEjeHhbuvQGjYWK2458s6iEkHbJWC7JD8tuXbK1zG0sZjbOkhtrby8tdxIrnVMmHoKqk9V%2FwFVJpj79cbyQzz25C2WHsFmBTnZMJgFljsCTHbjkQr0zBFZf1LDEQ54VA1tjF5dalWS2OgUtjxf07zOfXP1lGpQVcPI%2FDy%2FwrruHtvVA0zvjVezaAl1dgOo%2BXPbMIE3s8cLjL0fxFZj2Bkxbb49pq%2B%2Bft9ep04psRH4k%2FZpkUYtFTeqLVhS2GG0FsskaNEDqSv4Er%2FwLAAD%2F%2FwEAAP%2F%2FWEg5IGwEAAA%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3o0Y9KLBi7ji4EEUlkn3TE8m4x6CcY0E1yTuruRq%2FfWkTE1XU9U9PYmX6MKyx9mTP6fON8kG1yCud0UmgixhD2kEzcHcPQviUWYyEH3Q%2Fb6q7xV833vv7m52Rnxk9HTtfbOttKazjapfeX1dxcLkrrJyuxL4Vf9aZV3Fc%2BG1Sm%2F0s903A79R9d%2BovCv5ppmt%2BYHvB35QWVJWRqY3O2ahksNWUG351bBWDRohevb%2FZ5d5cNSD6J6RGShRPrXx%2BBEUHyLufHddus3UJFff6WSapsaiKw4%2BjDdjk8foXMDIeojig0k1jCsJ%2BeISTHwwcQDT3Rs5AFMl8X4LwOKDiUyw7v65UqYhYzDxLPLuEFIPoegQ3NyBEicE4AIrq4g7D1aMzenWOUtHbEmm%2Fv4LKi%2FJ1B8vIO58u6hVr3LL6CxVJnboRQVUbwjVHiLJjpBue1D5EXj6GZQgiDsFlCjGrpUaQkVDaNkHdR6y0ac8ZJGHLPHQEacV2mhFvt%2BMWFSvz4ec83qd88b8nGiIejgf%2Bcj4SFYfadIH131wu4PE7mBT3T9pzMBmP8FtFHDCg0tL4n2wg64okEuC3BHklCBXBHlKkHeLfaFdzRUPhHYZCya5Nsn1YmDS9i7dN2lbxmQ3OSPPj1riTX%2F%2BKzblaUVEIWvKiIWNZqMpQ8FkS9JQiOZ8KASrzcGpAspdGrvdViW5MvweiSrJ0x%2B9DEaP4PQRuHoJNAtA80Gz5oNuDMJ5H9vxYSIiYVVXVrnpQJgCSTqFdMvb1WfkxfFoXr18BsmPFx5eOZwOXvsT3BZIbIGP1c8EbX1vcNPkZO%2BmyR15tJqkqqO26Whst1KayssP35NbubFi%2Bbrrf%2F0WHxEjeHhbuvQGjYWK2458s6iEkHbJWC7JD8tuXbK1zG0sZjbOkhtrby8tdxIrnVMmHoKqk9V%2FwFVJpj79cbyQzz25C2WHsFmBTnZMJgFljsCTHbjkQr0zBFZf1LDEQ54VA1tjF5dalWS2OgUtjxf07zOfXP1lGpQVcPI%2FDy%2FwrruHtvVA0zvjVezaAl1dgOo%2BXPbMIE3s8cLjL0fxFZj2Bkxbb49pq%2B%2Bft9ep04psRH4k%2FZpkUYtFTeqLVhS2GG0FsskaNEDqSv4Er%2FwLAAD%2F%2FwEAAP%2F%2FWEg5IGwEAAA%3D HTTP/1.1
Host: frolicbrook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Cookie: u_pl=17340372; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlecdf4b7efb45757e4dbe9ea4dd784ddb26=[2229214]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cc74889ba0dc09a61f48f3d853fcfbcd
Strict-Transport-Security: max-age=0; includeSubdomains
ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
67.202.105.24204 No Content 0 B URL HTTP/2 ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
IP 67.202.105.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X HTTP/1.1
Host: ssc-cms.33across.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
x-33x-status: 2000208
server: 33XP017
date: Sun, 22 Jan 2023 20:52:47 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash f8c52b956fbaf5bc3f49ee4bf6a686ce
974bda7f3620ae0a58c010c83e2d68ec277d1472
6d88eb2530cd495bc8fbff04429d006c84185dc3addbfcb9db1e118d1b2bcaeb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 21 Jan 2023 14:15:49 GMT
Expires: Sat, 28 Jan 2023 14:15:48 GMT
Etag: "974bda7f3620ae0a58c010c83e2d68ec277d1472"
Cache-Control: max-age=493980,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78db2ce67defb50f-OSL
cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
45.133.44.9200 OK 28 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash f4fabf64be47ce667e0cfc150667b36c
234d722efa06cbedfdad9c1bb497a942997741dd
272b7875492a55c6f53a4e4704e715cc5b3cc4e5093758cbfedd95441bfe98d8
GET /cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/jpeg
content-length: 27606
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:17:59 GMT
etag: "61124447-6bd6"
expires: Tue, 24 Jan 2023 20:52:47 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
p.rfihub.com/cm?pub=43153&in=1
193.0.160.128302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=43153&in=1
IP 193.0.160.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=43153&in=1 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sun, 22 Jan 2023 20:52:47 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjM0BlKGxpaWQnyGut6lrkEFIYWmhhY-yQDP5-_lJQAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 16 Feb 2024 20:52:47 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjM0BlKGxpaWQnyGut6lrkEFIYWmhhY-yQDP5-_lJQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_1slzmtoZm5iYmRgbmZuYWQMAIUHjUQQAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 16 Feb 2024 20:52:47 GMT; Secure; SameSite=None
Location: https://router.infolinks.com/dyn/zeta-usync?uid=5107433826133381399
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0363749749776c8a7380e09ccb98917c
2685d9ba9640a1ac0c980d3065dc3070f3e3a077
c95b206abff72c1f690041a5ecbbaea2f671c428785335cb0c39e8c3dc28bf08
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C95B206ABFF72C1F690041A5ECBBAEA2F671C428785335CB0C39E8C3DC28BF08"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13075
Expires: Mon, 23 Jan 2023 00:30:42 GMT
Date: Sun, 22 Jan 2023 20:52:47 GMT
Connection: keep-alive
de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
67.202.105.32200 OK 75 B URL HTTP/2 de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
IP 67.202.105.32:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 1ca09ed98f39d2adb7fab3878d13c0cb
da2a6f2431a34dfcc99b6f4500833f783f149d19
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
GET /deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Mon, 23 Jan 2023 20:52:47 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Sun, 22 Jan 2023 20:52:47 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
router.infolinks.com/dyn/zmn-usync?uid=
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/zmn-usync?uid=
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/zmn-usync?uid= HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/gif
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce64a0ab4f9-OSL
X-Firefox-Spdy: h2
router.infolinks.com/dyn/sonobi-usync?uid=481ad2e0-6c98-47b8-b7c3-350638957493
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/sonobi-usync?uid=481ad2e0-6c98-47b8-b7c3-350638957493
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/sonobi-usync?uid=481ad2e0-6c98-47b8-b7c3-350638957493 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: SONOBIUSERCOOKIE=481ad2e0-6c98-47b8-b7c3-350638957493; Domain=infolinks.com; Expires=Sat, 22-Apr-2023 20:52:47 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Sat, 22 Jan 2022 20:52:47 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce67a5bb4f9-OSL
X-Firefox-Spdy: h2
router.infolinks.com/dyn/zeta-usync?uid=5107433826133381399
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/zeta-usync?uid=5107433826133381399
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/zeta-usync?uid=5107433826133381399 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: ZTUSERCOOKIE=5107433826133381399; Domain=infolinks.com; Expires=Sat, 22-Apr-2023 20:52:47 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Sat, 22 Jan 2022 20:52:47 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce70b3bb4f9-OSL
X-Firefox-Spdy: h2
ssp.disqus.com/redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks
18.209.80.129302 Found 0 B URL HTTP/2 ssp.disqus.com/redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks
IP 18.209.80.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-length: 0
location: https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ==&gdpr=&gdpr_consent=&us_privacy=
cache-control: no-store
pragma: no-cache
expires: 0
set-cookie: zeta-ssp-user-id=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a; Max-Age=31536000; Expires=Mon, 22 Jan 2024 20:52:47 GMT; Path=/; Domain=disqus.com; Secure; SameSite=None
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ==&gdpr=&gdpr_consent=&us_privacy=
185.89.210.90307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ==&gdpr=&gdpr_consent=&us_privacy=
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ==&gdpr=&gdpr_consent=&us_privacy= HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 22 Jan 2023 20:52:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D14%26buyeruid%3D%24UID%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ%3D%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
AN-X-Request-Uuid: ce345622-8611-410a-9c8f-d992848fed69
Set-Cookie: uuid2=8453024707557175814; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 22-Apr-2023 20:52:48 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D14%26buyeruid%3D%24UID%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ%3D%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
185.89.210.90302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D14%26buyeruid%3D%24UID%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ%3D%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D14%26buyeruid%3D%24UID%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ%3D%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 22 Jan 2023 20:52:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ssp.disqus.com/match?bidder=14&buyeruid=0&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ==&gdpr=&gdpr_consent=&us_privacy=
AN-X-Request-Uuid: fe006c90-3eb6-4b25-a437-5130ea4c60c2
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
distributionrealmoth.com/pixel/purst?dl=0&th=0&sc=0&rs=2597&rd=2597&fd=765&bv=22.10.v.10&tmpl=136
192.243.61.227200 OK 0 B URL HTTP/1.1 distributionrealmoth.com/pixel/purst?dl=0&th=0&sc=0&rs=2597&rd=2597&fd=765&bv=22.10.v.10&tmpl=136
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2597&rd=2597&fd=765&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: distributionrealmoth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 20:52:48 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
resources.infolinks.com/js/1842.018-3.025.ab.1837.005-3.025/in_search.js
172.66.42.247200 OK 90 kB URL HTTP/2 resources.infolinks.com/js/1842.018-3.025.ab.1837.005-3.025/in_search.js
IP 172.66.42.247:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f4f44cb07afdaec3b3d79655a236d2df
30bc7f689bf13fb5afa590d2b3971bc5b2740249
be553edde66ea22904057bcf354986473762ea1acfd69cf183d3f2630a032b39
GET /js/1842.018-3.025.ab.1837.005-3.025/in_search.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: application/javascript
last-modified: Wed, 18 Jan 2023 06:52:22 GMT
etag: W/"37760-5f284421f9a9a"
cache-control: max-age=2592000
expires: Tue, 21 Feb 2023 19:36:24 GMT
via: 1.1 google
cf-cache-status: HIT
age: 4583
vary: Accept-Encoding
server: cloudflare
cf-ray: 78db2ce77bd8b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
rt3016.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22anesthesia%22%2C%22scs%22%3A%22iBFJ05hwoP%22%7D%5D&rid=fcde4461-3c58-4366-961b-a718bfbc75ee&jsv=1842.018-3.025.ab.1837.005-3.025&sr=1280X1002&rts=1674420766747&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Firefox&bv=105.0&dv=p&ce=t&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&tzo=-0000&c=c&strg=true&rsd=adF1J5_9ECOinjLnqrGhGoLh1rqDrFdVp15rYnE-nRWnA09iderkJy21s1oWq0XAqrZxigl483VBnlCfOPlQtQuJJ6jGIm7Hlnpysx3VF3UftXYTG0Gtl3Ers8h0Dh2xnLZePs_nEjGPSyMPiimPYMVmlWIcPnyw&rsk=95&rcs=7aKTr4r3xWKM7mWcH9svuA&cuid=bf21e2fc-1769-4185-b8d7-671f0279eaee&hbnr=false
172.66.42.247200 OK 146 B URL HTTP/2 rt3016.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22anesthesia%22%2C%22scs%22%3A%22iBFJ05hwoP%22%7D%5D&rid=fcde4461-3c58-4366-961b-a718bfbc75ee&jsv=1842.018-3.025.ab.1837.005-3.025&sr=1280X1002&rts=1674420766747&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Firefox&bv=105.0&dv=p&ce=t&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&tzo=-0000&c=c&strg=true&rsd=adF1J5_9ECOinjLnqrGhGoLh1rqDrFdVp15rYnE-nRWnA09iderkJy21s1oWq0XAqrZxigl483VBnlCfOPlQtQuJJ6jGIm7Hlnpysx3VF3UftXYTG0Gtl3Ers8h0Dh2xnLZePs_nEjGPSyMPiimPYMVmlWIcPnyw&rsk=95&rcs=7aKTr4r3xWKM7mWcH9svuA&cuid=bf21e2fc-1769-4185-b8d7-671f0279eaee&hbnr=false
IP 172.66.42.247:0
Hash ebbe5f29d5f37c774d7d5e5a60a412c0
3818d12a22e7fac856297222348ca4907f1baf7a
a0a269931042875817b7bd5d8f233ea6da0b6e464b00dfaa0e491296b009978b
GET /action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22anesthesia%22%2C%22scs%22%3A%22iBFJ05hwoP%22%7D%5D&rid=fcde4461-3c58-4366-961b-a718bfbc75ee&jsv=1842.018-3.025.ab.1837.005-3.025&sr=1280X1002&rts=1674420766747&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Firefox&bv=105.0&dv=p&ce=t&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&tzo=-0000&c=c&strg=true&rsd=adF1J5_9ECOinjLnqrGhGoLh1rqDrFdVp15rYnE-nRWnA09iderkJy21s1oWq0XAqrZxigl483VBnlCfOPlQtQuJJ6jGIm7Hlnpysx3VF3UftXYTG0Gtl3Ers8h0Dh2xnLZePs_nEjGPSyMPiimPYMVmlWIcPnyw&rsk=95&rcs=7aKTr4r3xWKM7mWcH9svuA&cuid=bf21e2fc-1769-4185-b8d7-671f0279eaee&hbnr=false HTTP/1.1
Host: rt3016.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:48 GMT
content-type: text/html;charset=UTF-8
x-application-context: application:prod
cache-control: no-cache,no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP NID OUR COR"
content-language: en-US
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce86d2ab4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 51a8fc535637bd359bc9b70891571789
c2f493036df8ce22b3b1a207141ae55ae0fc777a
f9e31715fdff33aaa82d164c5ddeb20a026f8580fa845dc0395a70b8ae4d3e6d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3007
Cache-Control: max-age=149623
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:49 GMT
Etag: "63cd3bd9-13a"
Expires: Tue, 24 Jan 2023 14:26:32 GMT
Last-Modified: Sun, 22 Jan 2023 13:36:25 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 314
gum.criteo.com/syncframe?origin=rtus&topUrl=www.pdfdrive.com
178.250.2.146200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=www.pdfdrive.com
IP 178.250.2.146:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 336d3e015f987a65d205999a49be4805
57a3f572cd89347b5ead196670776134f1f0f69e
9621f1cc5441ed0d364b0fb9986a8c6742af2c5c356e6e4edb432728fe319ff3
GET /syncframe?origin=rtus&topUrl=www.pdfdrive.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:48 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=bdd15e98-3aa9-4fb6-8e6e-6bc57d1dfe59; expires=Fri, 16 Feb 2024 20:52:47 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 368892
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 8238a558aa69cd75eb27bf4730905bdd
115cd9b4750482985941543a9f49194c68d54283
52083387d47c845065f6bc4ce4c5b46507f4a591e2ca00bedf4d7d5213d908f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2518
Cache-Control: max-age=116063
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:49 GMT
Etag: "63ccbaaa-139"
Expires: Tue, 24 Jan 2023 05:07:12 GMT
Last-Modified: Sun, 22 Jan 2023 04:25:14 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 8238a558aa69cd75eb27bf4730905bdd
115cd9b4750482985941543a9f49194c68d54283
52083387d47c845065f6bc4ce4c5b46507f4a591e2ca00bedf4d7d5213d908f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2518
Cache-Control: max-age=116063
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:49 GMT
Etag: "63ccbaaa-139"
Expires: Tue, 24 Jan 2023 05:07:12 GMT
Last-Modified: Sun, 22 Jan 2023 04:25:14 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.0.157200 OK 445 B IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with very long lines (504), with no line terminators
Hash 63624701bd3bfc133182f5046e55d99b
88073f5a43d18163f7b0e87b8edf9508c0028888
6246c4e130c9167f04d522bd1c3aeb1bdf4041bde7a119a1c2e87a8764eb295c
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=GwycBl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVlSE5QVmtrT3VhbUx4NWp3RHZsb3RaM0dHWXRURTVNUFMlMkJpeERSR2pXZA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:48 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=kuO1kl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVlSE5QVmtrT3VhbUx4NWp3RHZsb3ZMeDBrUkk1Z0EwJTJCaEFKeDRCUCUyQnpl; expires=Fri, 16 Feb 2024 20:52:49 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 352421
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e2dd99030a651f7c55a43cb3e9af13b1
5718ccba97a9a32b83045d7d4548ba751eb23c77
c33b2cf0c831448aaf3c9e03fc259db652ad7ea5034dea6e951f36a487d89158
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1541
Cache-Control: max-age=158239
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:49 GMT
Etag: "63cd633b-139"
Expires: Tue, 24 Jan 2023 16:50:08 GMT
Last-Modified: Sun, 22 Jan 2023 16:24:27 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 8.9 kB URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
Hash 6d726b761cf40527daea94e8e3a799ce
b840c3c270e9601bb81e14254d54c2da16bf1930
cd06de19924ab5c7608d874e7bc0c5d5f5fb7ce118c18a2d7c0cdc5496d7b0d3
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pdfdrive.com/
x-crto-bundle: Jqgm3l9MbjNXSGJuSU9qYkVMVEhpQkZCQWgzdWRzUm9zbSUyRnglMkZvYWhqVlNDMVAlMkZIYzdEb0dYN2Q2cEpIcnAlMkZPNiUyQm91WG9lTG1mSGp0MWRmNElFJTJCWEREckxVNEVDMng2SjJaeUVPTWt2TVhUcWNjQXdmbFJqbmlzVTY0UkFDUDRQenNqTm1FaEY4TkVpTUM4UUd3bm1OMkNTU0ElM0QlM0Q
Origin: https://www.pdfdrive.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:48 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://www.pdfdrive.com
server-processing-duration-in-ticks: 2125980
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54bb2c2439cbf0cefc3075f25576f161
e4e506d7acc877b266c18ae6da3b948e0d41bb1e
8cfef01c8eea67086fdea9865d760f9ed1ecc15dc42f3b2c94fc85d609a31aa2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9334
x-amzn-requestid: 23f9071b-5274-4c6a-9a4a-d63ea74c7483
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNWQETCoAMFdjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c27-393e62854ba77f783f142985;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BWc9_KsIp1FH10PJZFoIteQrb0Q8cfqRN8RiynsqbHyFUHhDCxwqIw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:06 GMT
age: 83087
etag: "e4e506d7acc877b266c18ae6da3b948e0d41bb1e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
router.infolinks.com/usync/manage?pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue
172.66.42.247200 OK 0 B URL HTTP/2 router.infolinks.com/usync/manage?pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue
IP 172.66.42.247:0
GET /usync/manage?pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce1096eb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true
104.26.6.150200 OK 0 B URL HTTP/2 www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true
IP 104.26.6.150:0
GET /search?q=J.+B.+Eisenkraft&more=true HTTP/1.1
Host: www.pdfdrive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:45 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-cache, s-maxage=10
pragma: no-cache
set-cookie: pd_session=0mk1bugqk2jneaajl5clkcf159gvl9ko; path=/
x-mod-pagespeed: 1.13.35.2-0
vary: Accept-Encoding
x-frame-options: sameorigin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYTvQIcrejigFYUdCl0%2F1zOwx00POVcAwvX6MEXgGBp1fG6xhkNpkfW5SMOF3zVU%2B1j0hOsXQsekVtQ%2Bndwy9LqlZLqTFPsC8IQ9PI5fnkwijtw4IiS29XHD1%2BzI2siijhw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78db2cd79cb5b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 424885
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
resources.infolinks.com/js/vidice/2.0/vidice.js
172.66.42.247200 OK 0 B URL HTTP/2 resources.infolinks.com/js/vidice/2.0/vidice.js
IP 172.66.42.247:0
GET /js/vidice/2.0/vidice.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:48 GMT
content-type: application/javascript
last-modified: Tue, 25 Jan 2022 09:20:02 GMT
etag: W/"5344d-5d6649709d511"
cache-control: max-age=2592000
expires: Tue, 21 Feb 2023 20:09:30 GMT
via: 1.1 google
cf-cache-status: HIT
age: 2598
vary: Accept-Encoding
server: cloudflare
cf-ray: 78db2ce8ee1eb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.170200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.170:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:48 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 64000
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
rt3016.infolinks.com/action/doq.htm?pcode=utf-8&r=16744207661411
172.66.42.247200 OK 0 B URL HTTP/2 rt3016.infolinks.com/action/doq.htm?pcode=utf-8&r=16744207661411
IP 172.66.42.247:0
POST /action/doq.htm?pcode=utf-8&r=16744207661411 HTTP/1.1
Host: rt3016.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4883
Origin: https://www.pdfdrive.com
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/html;charset=UTF-8
x-application-context: application:prod
access-control-allow-origin: https://www.pdfdrive.com
vary: Origin
access-control-allow-credentials: true
cache-control: no-cache,no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: cuid=bf21e2fc-1769-4185-b8d7-671f0279eaee; Domain=infolinks.com; Expires=Tue, 21-Jan-2025 20:52:47 GMT; Path=/; SameSite=None
p3p: CP="NON DSP NID OUR COR"
content-language: en-US
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce4bb210b31-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/rmpssp?sub=infolinks&zcc=1&cb=1674420767389
213.19.147.45302 Found 0 B URL HTTP/2 sync.1rx.io/usersync2/rmpssp?sub=infolinks&zcc=1&cb=1674420767389
IP 213.19.147.45:0
GET /usersync2/rmpssp?sub=infolinks&zcc=1&cb=1674420767389 HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://router.infolinks.com/dyn/ur-usync?uid=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.102200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.102:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:48 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 74859
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
resources.infolinks.com/js/infolinks_main.js
172.66.42.247200 OK 0 B URL HTTP/2 resources.infolinks.com/js/infolinks_main.js
IP 172.66.42.247:0
GET /js/infolinks_main.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:46 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 12:37:41 GMT
etag: W/"e20-5f2d98c74922b"
cache-control: max-age=3600
expires: Sun, 22 Jan 2023 21:37:52 GMT
via: 1.1 google
cf-cache-status: HIT
age: 894
vary: Accept-Encoding
server: cloudflare
cf-ray: 78db2cdbc866b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/rmpssp?sub=infolinks
213.19.147.45302 Found 0 B URL HTTP/2 sync.1rx.io/usersync2/rmpssp?sub=infolinks
IP 213.19.147.45:0
GET /usersync2/rmpssp?sub=infolinks HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-e0676745-f9d4-494c-865a-bedb69bb274d-003%22%2C%22zdxidn%22%3A%222069.56%22%7D; path=/; expires=Mon, 22 Jan 2024 20:52:47 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rmpssp?sub=infolinks&zcc=1&cb=1674420767389
etag: RXe0676745f9d4494c865abedb69bb274d003
X-Firefox-Spdy: h2
ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
172.64.154.237200 OK 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
IP 172.64.154.237:0
GET /usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1 HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/html
cf-ray: 78db2ce41c070b02-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3iMKzH5UzAEc2M%2BrQhqt9lWice7PQHcPh8w1djE89IvZMAiH6JvuXPzCp35JjOo3IVOJj8lsUmvVFDWsTd1p7pk4I8BQJBP1Qc773UgWw3njzWZwyPoMS0YGqH1PQKnu4oF9nbyhr6F9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
router.infolinks.com/gsd?evt=afterGSD&pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&jsv=1842.018-3.025.ab.1837.005-3.025&_cb=16744207656640
172.66.42.247200 OK 0 B URL HTTP/2 router.infolinks.com/gsd?evt=afterGSD&pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&jsv=1842.018-3.025.ab.1837.005-3.025&_cb=16744207656640
IP 172.66.42.247:0
GET /gsd?evt=afterGSD&pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&jsv=1842.018-3.025.ab.1837.005-3.025&_cb=16744207656640 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/javascript;charset=UTF-8
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: max-age=0
p3p: CP="NON DSP NID OUR COR"
set-cookie: cuid=bf21e2fc-1769-4185-b8d7-671f0279eaee; Domain=infolinks.com; Expires=Tue, 21-Jan-2025 20:52:47 GMT; Path=/; SameSite=None; Secure
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce30c95b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2