Report - www.pdfdrive.com/search?q=J.+B.+Eisenkraft

Report Overview

Submitted URL
www.pdfdrive.com/search?q=J.+B.+Eisenkraft
IP
104.26.7.150
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-22 20:52:56
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
cdn.taboola.com	1040	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	777 B	171 kB	151.101.193.44
pixel.advertising.com	337	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	429 B	887 B	3.126.56.137
resources.infolinks.com	8328	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	149 kB	172.66.42.247
u.openx.net	706	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	484 B	460 B	35.244.159.8
dnacdn.net	3760	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	511 B	1.2 kB	178.250.0.157
ssp.disqus.com	7563	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	472 B	645 B	18.209.80.129
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	4.0 kB	54.230.245.100
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	393 B	409 B	52.29.129.178
cms.quantserve.com	1064	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	415 B	589 B	91.228.74.251
p.rfihub.com	702	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	707 B	193.0.160.128
cdn.asaha.com	377824	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.6 kB	91 kB	188.40.148.218
router.infolinks.com	2643	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.7 kB	4.7 kB	172.66.42.247
ups.analytics.yahoo.com	287	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	2.0 kB	18.156.0.31
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	928 B	45 kB	104.17.25.14
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	17 kB	142.250.74.106
status.geotrust.com	3662	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.5 kB	93.184.220.29
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	964 B	34 kB	216.58.207.227
clouddecrease.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	10 kB	192.243.59.13
b1sync.zemanta.com	553	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	472 B	356 B	70.42.32.31
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	7.7 kB	142.250.74.131
ib.adnxs.com	241	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	6.4 kB	185.89.210.90
ap.lijit.com	666	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	455 B	275 B	216.52.2.48
image8.pubmatic.com	591	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	1.6 kB	185.64.190.79
sync.go.sonobi.com	986	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	460 B	22 kB	69.166.1.12
rt3016.infolinks.com	78242	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	1.2 kB	172.66.42.247
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	11 kB	23.36.76.226
www.pdfdrive.com	196284	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	854 B	1.8 kB	104.26.7.150
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.8 kB	9.6 kB	93.184.220.29
cs.media.net	1838	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	497 B	757 B	23.38.200.22
frolicbrook.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	36 kB	192.243.59.20
ssc-cms.33across.com	851	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	484 B	120 B	67.202.105.24
de.tynt.com	1252	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	506 B	417 B	67.202.105.32
gum.criteo.com	381	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	15 kB	178.250.2.146
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	881 B	44 kB	104.18.11.207
ad.360yield.com	657	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	891 B	52.58.98.23
cdn.cloudimagesb.com	23099	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	438 B	28 kB	45.133.44.9
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	21 kB	142.250.74.110
sync.1rx.io	528	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	18 kB	213.19.147.45
s.cpx.to	2014	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	483 B	762 B	54.73.141.92
distributionrealmoth.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	454 B	467 B	192.243.61.227
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	392 B	31 kB	216.58.207.234
ssum-sec.casalemedia.com	509	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.9 kB	172.64.154.237
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	4.6 kB	192.124.249.23
onetag-sys.com	1840	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	496 B	113 B	51.89.9.253
trc-events.taboola.com	1779	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	632 B	163 B	141.226.228.48
ag.gbc.criteo.com	5925	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	492 B	185.235.84.102
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.69.176.248
play.google.com	34	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	430 B	784 B	142.250.74.78
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.8 kB	172.64.155.188
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	65 kB	34.120.237.76
gem.gbc.criteo.com	6039	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	492 B	178.250.6.170

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-22	medium	clouddecrease.com	Sinkholed
2023-01-22	medium	frolicbrook.com	Sinkholed
2023-01-22	medium	frolicbrook.com	Sinkholed
2023-01-22	medium	frolicbrook.com	Sinkholed
2023-01-22	medium	distributionrealmoth.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (33)

	URL	Size	First Seen	Last Seen
	resources.infolinks.com/js/1842.018-3.025.ab.1837.005-3.025/ice.js	185 kB	2023-03-13	2023-03-13
Pretty URL resources.infolinks.com/js/1842.018-3.025.ab.1837.005-3.025/ice.js IP 172.66.42.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:13:23 Last Seen2023-03-13 05:57:45 Times Seen1 Hash 03f7b204180e489448f66b53551dfdf0 3674281cd65f609ebe5c96e7a975ebd65cbb0051 ec8c5bf15b9aa2d2dcd83f0e150d6ded71c24f40e100af6efef8eb3451fcbc3e Loading...

	frolicbrook.com/a2/71/08/a2710803631d2a6fc90c289bfea08cdc.js	86 kB	2023-03-13	2023-03-13
Pretty URL frolicbrook.com/a2/71/08/a2710803631d2a6fc90c289bfea08cdc.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:50:49 Last Seen2023-03-13 05:45:20 Times Seen1 Hash b7e319b8d3e6d9f0540f8d548b86bfda b2b89226755d7bcc4617a733a3ad3252845cc254 41546a80d045211b4b28828e8bbcd3caf060777a5e794e809db0f3305c0eeafa Loading...

	gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS	30 kB	2023-03-07	2023-03-17
Pretty URL gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS IP 178.250.2.146 ASN #44788 Criteo SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:17:20 Last Seen2023-03-17 21:47:34 Times Seen1 Hash 49908b82b9e80d6ae18a2a5b3d383af9 b5fdbde84ebb8d44304a39a7eca9afc15fd0fc43 1294283dd1491c4767840ecaafa97659b0e3c560ef4048bd51907181c52af89e Loading...

	resources.infolinks.com/js/1842.018-3.025.ab.1837.005-3.025/in_search.js	227 kB	2023-03-09	2023-03-25
Pretty URL resources.infolinks.com/js/1842.018-3.025.ab.1837.005-3.025/in_search.js IP 172.66.42.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:02:38 Last Seen2023-03-25 23:23:24 Times Seen2 Hash c666aca68ea7ba3daaffcac45dd989e6 7683dd7703fe0aededbf6b931ff825ffdf343839 d7e24f5c06a55071ace58890ae968f2437d29f0332718689b5e086e55db291c1 Loading...

	rt3016.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22anesthesia%22%2C%22scs%22%3A%22iBFJ05hwoP%22%7D%5D&rid=fcde4461-3c58-4366-961b-a718bfbc75ee&jsv=1842.018-3.025.ab.1837.005-3.025&sr=1280X1002&rts=1674420766747&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Firefox&bv=105.0&dv=p&ce=t&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&tzo=-0000&c=c&strg=true&rsd=adF1J5_9ECOinjLnqrGhGoLh1rqDrFdVp15rYnE-nRWnA09iderkJy21s1oWq0XAqrZxigl483VBnlCfOPlQtQuJJ6jGIm7Hlnpysx3VF3UftXYTG0Gtl3Ers8h0Dh2xnLZePs_nEjGPSyMPiimPYMVmlWIcPnyw&rsk=95&rcs=7aKTr4r3xWKM7mWcH9svuA&cuid=bf21e2fc-1769-4185-b8d7-671f0279eaee&hbnr=false	141 B	2023-03-13	2023-03-13
Pretty URL rt3016.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22anesthesia%22%2C%22scs%22%3A%22iBFJ05hwoP%22%7D%5D&rid=fcde4461-3c58-4366-961b-a718bfbc75ee&jsv=1842.018-3.025.ab.1837.005-3.025&sr=1280X1002&rts=1674420766747&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Firefox&bv=105.0&dv=p&ce=t&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&tzo=-0000&c=c&strg=true&rsd=adF1J5_9ECOinjLnqrGhGoLh1rqDrFdVp15rYnE-nRWnA09iderkJy21s1oWq0XAqrZxigl483VBnlCfOPlQtQuJJ6jGIm7Hlnpysx3VF3UftXYTG0Gtl3Ers8h0Dh2xnLZePs_nEjGPSyMPiimPYMVmlWIcPnyw&rsk=95&rcs=7aKTr4r3xWKM7mWcH9svuA&cuid=bf21e2fc-1769-4185-b8d7-671f0279eaee&hbnr=false IP 172.66.42.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:45:20 Last Seen2023-03-13 05:45:20 Times Seen1 Hash 139e8746a0f943f82dbdfcf64737030f 679b02a2671b8fdc054d9a5bfa7e7793aa4b83d8 8ed1d43daedc83c9dc3b57e1055443a49b591af51c1e15694a4c47824ab90e98 Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.bundle.min.js	68 kB	2023-03-07	2024-05-09
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.bundle.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:48 Last Seen2024-05-09 23:30:30 Times Seen1659 Hash 98d2c1da1c0a495f8fc8ad144ea1d3d2 a0f7a287003f6d0c8a2543e6183fdc14417b6793 bb3d017273ed487674d9766d8401cf458228596adcc0c3a6024f44ae715090db Loading...

	www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true	419 B	2023-03-07	2024-02-23
Pretty URL www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true IP 104.26.6.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:48 Last Seen2024-02-23 17:00:25 Times Seen139 Hash c037a20f12d33ce6bce5261e363d1e27 3021f70445a21df06292996594bd74f35e0173f7 b8fd60499a3c26869f9e88bc5484c675bf1780c2b7296db6b905aadb37997fa6 Loading...

	clouddecrease.com/df4b7efb45757e4dbe9ea4dd784ddb26/invoke.js	25 kB	2023-03-13	2023-03-13
Pretty URL clouddecrease.com/df4b7efb45757e4dbe9ea4dd784ddb26/invoke.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:45:20 Last Seen2023-03-13 05:45:20 Times Seen1 Hash a9a442f34ba00c768fc656ecc56b6c5a 77219ceff974acacb7f338d260ab4991d68e78af ac82413b7dcfdb1702ce1cf295d895ed24eab3f16a37e63c98f95f496ff8a36c Loading...

	www.pdfdrive.com/assets/js/select2.min.js.pagespeed.jm.9-i8koB7v5.js	67 kB	2023-03-07	2023-11-18
Pretty URL www.pdfdrive.com/assets/js/select2.min.js.pagespeed.jm.9-i8koB7v5.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:59 Last Seen2023-11-18 03:54:24 Times Seen4 Hash f7e8bc92807bbf9f6e238179ad908381 ea8a9ebd50eacb3bbcbcfd0fde9b34221696cefd ccd6a96975372400298454207091c5ee1c87bda8404c5fe3c4da8ccf0560874a Loading...

	www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true	237 B	2023-03-07	2023-03-17
Pretty URL www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true IP 104.26.6.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:48 Last Seen2023-03-17 10:41:50 Times Seen1 Hash 5fb0b2a43d197031873725a980ec3630 3a5b4e2beb6380d5addecc04e401d1b437abe6ab d8970a24bec2c8b0b234ca90cfc18ee92e7984a581f1424b4aebe28f552b361b Loading...

	router.infolinks.com/usync/lcmanage?pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue	0 B	2023-03-07	2024-05-10
Pretty URL router.infolinks.com/usync/lcmanage?pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue IP 172.66.42.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-10 20:12:26 Times Seen37519410 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV	4 B	2023-03-07	2024-05-10
Pretty URL de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV IP 67.202.105.32 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-05-10 10:18:42 Times Seen3084 Hash 350fd6ef6446635f7a8f608434a405ec a4b6c275ac2c80ec925b5c0c5c6abb79ba897356 d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179 Loading...

	gum.criteo.com/syncframe?origin=rtus&topUrl=www.pdfdrive.com#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22pdfdrive.com%22,%22topUrl%22:%22www.pdfdrive.com%22,%22cw%22:true,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:72,%22requestId%22:%220.16210623031518445%22%7D	14 kB	2023-03-07	2023-05-06
Pretty URL gum.criteo.com/syncframe?origin=rtus&topUrl=www.pdfdrive.com#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22pdfdrive.com%22,%22topUrl%22:%22www.pdfdrive.com%22,%22cw%22:true,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:72,%22requestId%22:%220.16210623031518445%22%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:36 Last Seen2023-05-06 00:14:31 Times Seen2035 Hash 49e65b540d43d40997ce3844d41b2dd0 b7331c5edc086ee2c7731b1b36e937e7c44450a7 f185c1b78d87a007d9492a85c6ce64c06cc851ef9f13ca3caf8aaafe243b0ac2 Loading...

	www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true	1.3 kB	2023-03-07	2024-05-07
Pretty URL www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true IP 104.26.6.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:48 Last Seen2024-05-07 16:47:52 Times Seen119 Hash 8e4425e6e46ea37b35e8f1fb95929528 21bfff8b397122c5459ec38a30e9070c6d9fc4c3 f8dd3e8ddf9d1c54977c82e6bca9aa5770efb58fa59b7a426004fdf548376708 Loading...

	router.infolinks.com/gsd?evt=afterGSD&pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&jsv=1842.018-3.025.ab.1837.005-3.025&_cb=16744207656640	317 B	2023-03-13	2023-03-13
Pretty URL router.infolinks.com/gsd?evt=afterGSD&pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&jsv=1842.018-3.025.ab.1837.005-3.025&_cb=16744207656640 IP 172.66.42.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:45:20 Last Seen2023-03-13 05:45:20 Times Seen1 Hash 923586ef53ac442fb98829fa0aa8ef70 6c35e060f57235f64bc37c12628453fb33e993ad 987900c10d63bf318c6caa664d0fa878c7e90928fa56367d572717c4a45fb557 Loading...

	www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true	96 B	2023-03-07	2024-02-23
Pretty URL www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true IP 104.26.6.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:48 Last Seen2024-02-23 17:00:25 Times Seen114 Hash e7527afd799a4dda7c5da13a7736baf1 ca49067fafe544874058bcf6cc1a0923fa2215a4 5d492c639810fd0001180d8ef60c5b4d8989b315f1d2db5557ca95474d0ca35b Loading...

	gum.criteo.com/syncframe?origin=rtus&topUrl=www.pdfdrive.com#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22pdfdrive.com%22,%22topUrl%22:%22www.pdfdrive.com%22,%22cw%22:true,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:72,%22requestId%22:%220.16210623031518445%22%7D	418 B	2023-03-07	2023-03-17
Pretty URL gum.criteo.com/syncframe?origin=rtus&topUrl=www.pdfdrive.com#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22pdfdrive.com%22,%22topUrl%22:%22www.pdfdrive.com%22,%22cw%22:true,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:72,%22requestId%22:%220.16210623031518445%22%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:53:17 Last Seen2023-03-17 21:47:34 Times Seen1 Hash 72ad3a00c4af14e8c301e9eafbe741ea 63dc5435a78e8b86fb54fa8be021d2f54b1903b1 d05385301aef1a77fd22c1c56c08102835063c8221b753de58aff20a800c95eb Loading...

	cdn.taboola.com/libtrc/impl.20221215-12-RELEASE.js	715 kB	2023-03-09	2023-03-13
Pretty URL cdn.taboola.com/libtrc/impl.20221215-12-RELEASE.js IP 151.101.193.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:23:46 Last Seen2023-03-13 20:14:36 Times Seen1 Hash 2d16ebf06f3b6d63283c99b612f59a20 4d16d0d0ee5442b4d8d228b904cb099310893b59 b96a281629dda172e65bc95d10d589a71b4b45edf4ee68a6d326789c9f66ab9d Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js	87 kB	2023-03-07	2024-05-10
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-10 20:03:31 Times Seen268197 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true	47 B	2023-03-07	2023-03-17
Pretty URL www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true IP 104.26.6.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:48 Last Seen2023-03-17 10:41:50 Times Seen1 Hash 6f7db91a6121e6912e5632823f326379 815ac3967f87622dd768f4956bcfe6c47714b8f5 a851b9b27f8a4424a213eb0f986e049660d24112827d8974e8d54ae5743a4828 Loading...

	www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true	299 B	2023-03-13	2023-03-13
Pretty URL www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true IP 104.26.6.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:45:20 Last Seen2023-03-13 05:45:20 Times Seen1 Hash 32caa20e302ed483208f65e163767858 17ebd89d5d93f13b2fcca19abd3831b94f2847c4 f4c1faacd11e4f3a0efccedfbc549786c04bd0cc10b440ddd9f8233f380b1169 Loading...

	resources.infolinks.com/js/infolinks_main.js	3.6 kB	2023-03-13	2023-03-13
Pretty URL resources.infolinks.com/js/infolinks_main.js IP 172.66.42.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:39:43 Last Seen2023-03-13 05:57:44 Times Seen1 Hash 8b06f5f068d63ca3c8f5dc46d0879e9b d81a43f48ded97791405ea642e30f8a62e2ea1d6 6192687635770afb21b3e4e7c028ded7de1147b469c5eb1582e5587da1331d41 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	router.infolinks.com/usync/manage?pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue	11 kB	2023-03-13	2023-03-13
Pretty URL router.infolinks.com/usync/manage?pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue IP 172.66.42.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:45:20 Last Seen2023-03-13 05:45:20 Times Seen1 Hash cd0838e476813d2c3019b2fe377478ee a0b1fb7f22120a932455f1c3cab617fb102f6b5e 89a73f5e3220c762e90e13331dfb4aaced63719ebaad5a9cdde7d87684e60cde Loading...

	imasdk.googleapis.com/js/sdkloader/ima3.js	378 kB	2023-03-13	2023-03-13
Pretty URL imasdk.googleapis.com/js/sdkloader/ima3.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:29:42 Last Seen2023-03-13 07:42:23 Times Seen1 Hash 3f30e41c02d863c02ba371af88161a92 bbef1a9a935f6ab70810d85c6a4b3be16591f3cb 341cac54e2233a3ea849713a87fce48e95ed8f3c8317c4d3bdcf0610da762e23 Loading...

	www.pdfdrive.com/assets/js/combined.js,qv3.84.pagespeed.jm.3BGFzs7v9X.js	67 kB	2023-03-07	2024-01-27
Pretty URL www.pdfdrive.com/assets/js/combined.js,qv3.84.pagespeed.jm.3BGFzs7v9X.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:48 Last Seen2024-01-27 22:07:32 Times Seen201 Hash dc1185ceceeff577473980019aa7658b cd308f48c6c75fed69d57b75773ec03e583e8954 319ac917e4ceded7298d80767f8124ccb65e7f70773d7edf5a66a6e8079b35f3 Loading...

	www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true	460 B	2023-03-07	2024-01-27
Pretty URL www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true IP 104.26.6.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:48 Last Seen2024-01-27 12:21:44 Times Seen112 Hash feeaca70c4607110fbb3a49acbd8ee59 66d472ae3a47d04e4dd98423beb549cb06e10554 a37eaef033b59c7c7e0243dbf360d540070f7b008a31955d6e12efad67b3f856 Loading...

	cdn.taboola.com/libtrc/asahainc/loader.js	87 kB	2023-03-09	2023-03-13
Pretty URL cdn.taboola.com/libtrc/asahainc/loader.js IP 151.101.193.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:33:36 Last Seen2023-03-13 05:45:20 Times Seen1 Hash 5dac8e0d4667c84262fa76c08e4bd3a5 cf7b30cd842f09241916bacf5abf785677caa9fa a603c296473372182a64dc22426c62b0ff0a4cf3077ad7cb4551110ea8ad5134 Loading...

	resources.infolinks.com/js/vidice/2.0/vidice.js	341 kB	2023-03-07	2023-05-04
Pretty URL resources.infolinks.com/js/vidice/2.0/vidice.js IP 172.66.42.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:48 Last Seen2023-05-04 11:33:30 Times Seen26 Hash ffcad864b6c0269f856045b47c807caa 06753d6e8fae84131ee9bb78f391c38ce6ffad41 b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f Loading...

	www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true	124 B	2023-03-13	2023-03-13
Pretty URL www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true IP 104.26.6.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:45:20 Last Seen2023-03-13 05:45:20 Times Seen1 Hash 302798950e2af981796f0bb562b4f2d0 8e2bbfcaa4f63538fc0a6075762b4aacb2efc16b fec73d7961c93dc927d11fefd05af0783d91a0f62bf8fe89df95e261027cb697 Loading...

	www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true	3.2 kB	2023-03-07	2023-03-13
Pretty URL www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true IP 104.26.6.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:59 Last Seen2023-03-13 17:59:00 Times Seen1 Hash d433fa4436fc63522024295f14b9ffa7 04a526ffead36732f7dd4a564baf50a497ff67c2 0dd4c6f9455c8c350ab87466641e20ac9ac331d8bf2605af5c595d10ac02c731 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 45052fabd8fca0af13f91e4a954a763d	3.8 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 05:39:44 Last Seen2023-03-13 05:57:45 Times Seen1 Hash 45052fabd8fca0af13f91e4a954a763d f2a6984bfaaebd77f640b52fbe8400279deca204 52032893776198203b7913a495de6c662b61869beebbcc964e9cae3eb59eb1c0 Loading...

	#2 Eval - 37cd3bd2adbd29e7fafaf20f77f4bf43	18 B	2023-03-07	2024-04-15
Pretty Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-15 12:57:44 Times Seen656 Hash 37cd3bd2adbd29e7fafaf20f77f4bf43 d4a665f4bf3dc9a6f3ea3a55c50c5a37c6bd05f5 0f3342bc14063d9ed7a669eb067b50ea17b2cb7dcb51968939b72fa9ac862d91 Loading...

HTTP Transactions (156)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f416977a8d6dfaafb2dbfd0e68b871f8
dfa97bd829b03162de91c80133f2fde69b58a8d2
2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16463
Expires: Mon, 23 Jan 2023 01:27:08 GMT
Date: Sun, 22 Jan 2023 20:52:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0be6cec5607bb65c06dbadd33456aec1
9d13129e936eb5fc82e403931884cdc8c6e6ab92
cb028034340b709ece65e45e8fc1a26a64dd85926beaa542f308d3f1d5ee2c84

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB028034340B709ECE65E45E8FC1A26A64DD85926BEAA542F308D3F1D5EE2C84"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19331
Expires: Mon, 23 Jan 2023 02:14:56 GMT
Date: Sun, 22 Jan 2023 20:52:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5763
Expires: Sun, 22 Jan 2023 22:28:48 GMT
Date: Sun, 22 Jan 2023 20:52:45 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 22 Jan 2023 20:34:52 GMT
content-type: application/json
age: 1073
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: tWme/L9B61CkueERoTBj5m5JcoqNTh/QXi+to5IudGhRU5gStwRn4lEQD0/oq+yY1ttRkQrBGIw=
x-amz-request-id: WZTQCF1W1TR7JYT1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 22 Jan 2023 20:47:26 GMT
age: 319
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

www.pdfdrive.com/search?q=J.+B.+Eisenkraft

104.26.7.150

301 Moved Permanently

0 B

URL HTTP/1.1
www.pdfdrive.com/search?q=J.+B.+Eisenkraft
IP
104.26.7.150:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /search?q=J.+B.+Eisenkraft HTTP/1.1
Host: www.pdfdrive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 22 Jan 2023 20:52:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, s-maxage=10
Pragma: no-cache
Set-Cookie: pd_session=q7kfes7ij3t95abhsh68cigisoiieu5c; path=/
Location: https://www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true
X-Frame-Options: sameorigin
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApfPoR4xU6bV%2BdNrI57I40vIsGeGpPLlXCaUEdtHx8ZBhwsqXTPgi41qjL6B1Hq4evbn2K8ieyUoneL0m2J6u1XjN4pC7fJOCVAdowcuE26TXbyiNLhWH%2B04FxVSV4rn6GM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78db2cd55e7eb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 20:52:45 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 22 Jan 2023 20:48:58 GMT
age: 227
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5276
Cache-Control: max-age=135718
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:45 GMT
Etag: "63ccfca7-1d7"
Expires: Tue, 24 Jan 2023 10:34:43 GMT
Last-Modified: Sun, 22 Jan 2023 09:06:47 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
a25567cb3f63e13ec07e671356f7ad5b
f7bc53deb15fdeca18806318bf7d3267b1766c7f
09cbab3f29c812e2bc1c54b9a6600899fdc64ce0479bcb314a92553069a95f9d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3032
Cache-Control: max-age=110811
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:45 GMT
Etag: "63cca420-118"
Expires: Tue, 24 Jan 2023 03:39:36 GMT
Last-Modified: Sun, 22 Jan 2023 02:49:04 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

104.17.25.14

200 OK

10 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (59158)
Size
10 kB (10480 bytes)
Hash
77c1af627ac0cf4a26f1f230c3328544
f99817795a5ae027a7212b040438e49248a483b6
0496a11101ffd6d8230b041623cc1bf58971b25acd684a23fe91d702c486d2c8

HTTP Headers

GET /ajax/libs/font-awesome/5.15.3/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pdfdrive.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:45 GMT
content-type: text/css; charset=utf-8
content-length: 10480
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60510736-e7d0"
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 261941
expires: Fri, 12 Jan 2024 20:52:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8hEPa%2FoaVqlsn8hpdnxi7wWn%2FNG%2B%2FX2Sga%2BSbMF5JGnzdF%2BLlZSR4rYAyf8HOxStOgv%2BFBiGGpHW3slTDf0SZg%2BCY0cSC0C9u3xUAyplHL93pHtZu0ImNSu5TufwwYzdOA0YPeL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78db2cdb5ccab505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
a25567cb3f63e13ec07e671356f7ad5b
f7bc53deb15fdeca18806318bf7d3267b1766c7f
09cbab3f29c812e2bc1c54b9a6600899fdc64ce0479bcb314a92553069a95f9d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3032
Cache-Control: max-age=110811
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:45 GMT
Etag: "63cca420-118"
Expires: Tue, 24 Jan 2023 03:39:36 GMT
Last-Modified: Sun, 22 Jan 2023 02:49:04 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
41d9a97f3e66fa295337149c04ad0bae
5d0ffce8986ba0d9e47cd508b79c1feab18076cf
fa5f51ac868aed9106d71f0d5ae7d2fba4afed36bc9fdb94a5a66cea3ac15550

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
41d9a97f3e66fa295337149c04ad0bae
5d0ffce8986ba0d9e47cd508b79c1feab18076cf
fa5f51ac868aed9106d71f0d5ae7d2fba4afed36bc9fdb94a5a66cea3ac15550

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
a25567cb3f63e13ec07e671356f7ad5b
f7bc53deb15fdeca18806318bf7d3267b1766c7f
09cbab3f29c812e2bc1c54b9a6600899fdc64ce0479bcb314a92553069a95f9d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3033
Cache-Control: max-age=110811
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Etag: "63cca420-118"
Expires: Tue, 24 Jan 2023 03:39:37 GMT
Last-Modified: Sun, 22 Jan 2023 02:49:04 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280

ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

216.58.207.234

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
IP
216.58.207.234:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32030)
Size
30 kB (30244 bytes)
Hash
04ba0252a9f264db106d4eaab8df4ccb
cf52d9b3df7839c5c64fbf33aafeced74b3db750
397852429e768ffbd12a78ce4b94f14e3ab4afabf84acb07c0bb5b7798e6e0b2

HTTP Headers

GET /ajax/libs/jquery/3.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 06:39:53 GMT
expires: Sat, 20 Jan 2024 06:39:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 223973
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
41d9a97f3e66fa295337149c04ad0bae
5d0ffce8986ba0d9e47cd508b79c1feab18076cf
fa5f51ac868aed9106d71f0d5ae7d2fba4afed36bc9fdb94a5a66cea3ac15550

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
41d9a97f3e66fa295337149c04ad0bae
5d0ffce8986ba0d9e47cd508b79c1feab18076cf
fa5f51ac868aed9106d71f0d5ae7d2fba4afed36bc9fdb94a5a66cea3ac15550

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

54.69.176.248

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.69.176.248:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LQtWWeQl5nLXMoRMVxOGuA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: X4+bOTmuS+pqktZsBN5vSWBmkBU=

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-regular-400.woff2

104.17.25.14

200 OK

32 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-regular-400.woff2
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
32 kB (32233 bytes)
Hash
a7e7a5842db21b5b33f28bd12c7f034a
fc12e587b4983b73d9973ad53dd0f6fe635686f8
bbed2c02c916754cba9279dc3db97b86a7ae68b63d13bbbb1c4067f19fb04d5e

HTTP Headers

GET /ajax/libs/font-awesome/5.15.3/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pdfdrive.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:46 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 13276
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "60510736-33dc"
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 319330
expires: Fri, 12 Jan 2024 20:52:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KC9yTeE3D8F2Oe0%2BbJBpmV8dAALsKkws1PzXt9RarLtVRZKTIFu87e7voOVicIi3Gi6NvQ7GaPvAzmLiFCUvJw1etgi9i4lv5F%2BeAwWg8OA8oQfdVpLJ2G8hvVcslQ8Y7qHmziDv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78db2cdd98d5b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pdfdrive.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 19:33:54 GMT
expires: Thu, 18 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 350332
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Roboto:400,500,700

142.250.74.106

200 OK

16 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:400,500,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
16 kB (16499 bytes)
Hash
f48608a54f009534883694ff7316ea90
a69cb42526e88fbb9bff39eb09c37ee1777ae9db
e4e6cc2322edfdbc86e071efc053da6b07a35cd9a519e8f1ea4c15f236e3a7f8

HTTP Headers

GET /css?family=Roboto:400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 22 Jan 2023 20:52:46 GMT
date: Sun, 22 Jan 2023 20:52:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pdfdrive.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 07:51:59 GMT
expires: Thu, 18 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 392447
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7945a46ae34a1c31921c0679941222e
3d6a979e0d208362b2a00abab498cb6d1d629bc0
0a9e413dbd2e00dd5c6999121ef02cb3bd16c34127b0f1621580ee5340612904

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A9E413DBD2E00DD5C6999121EF02CB3BD16C34127B0F1621580EE5340612904"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2529
Expires: Sun, 22 Jan 2023 21:34:55 GMT
Date: Sun, 22 Jan 2023 20:52:46 GMT
Connection: keep-alive

stackpath.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.bundle.min.js

104.18.11.207

200 OK

21 kB

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.bundle.min.js
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65298)
Size
21 kB (20802 bytes)
Hash
7152e3165333877992a2cc61dceac3d0
d84f2391f4cb06f67fe5f2e08f9afc71736721c9
408c071ce153eb782ff321b3613e89c69ac0dcfb3013e8ef65348c6109bb0313

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.bundle.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pdfdrive.com
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:46 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 601, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 2021-08-02 21:17:38
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 396986276134bbfbb35a9dfcdfa6e51f
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 19869671
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78db2cdbbe9f1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da33f90fb2880d573a74e0f60ea1f314
23cca48e548048a546175921d10bc7fbdba363ac
5847b0aed31e76c4c5ebaf2277499106752964dac669272b6418fa188f78e545

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5847B0AED31E76C4C5EBAF2277499106752964DAC669272B6418FA188F78E545"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11579
Expires: Mon, 23 Jan 2023 00:05:45 GMT
Date: Sun, 22 Jan 2023 20:52:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da33f90fb2880d573a74e0f60ea1f314
23cca48e548048a546175921d10bc7fbdba363ac
5847b0aed31e76c4c5ebaf2277499106752964dac669272b6418fa188f78e545

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5847B0AED31E76C4C5EBAF2277499106752964DAC669272B6418FA188F78E545"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11579
Expires: Mon, 23 Jan 2023 00:05:45 GMT
Date: Sun, 22 Jan 2023 20:52:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da33f90fb2880d573a74e0f60ea1f314
23cca48e548048a546175921d10bc7fbdba363ac
5847b0aed31e76c4c5ebaf2277499106752964dac669272b6418fa188f78e545

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5847B0AED31E76C4C5EBAF2277499106752964DAC669272B6418FA188F78E545"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11579
Expires: Mon, 23 Jan 2023 00:05:45 GMT
Date: Sun, 22 Jan 2023 20:52:46 GMT
Connection: keep-alive

cdn.asaha.com/assets/thumbs/c32/c32342ecd2b8d2f19686267bb0ba7a9c-s.jpg

188.40.148.218

200 OK

9.0 kB

URL HTTP/1.1
cdn.asaha.com/assets/thumbs/c32/c32342ecd2b8d2f19686267bb0ba7a9c-s.jpg
IP
188.40.148.218:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Size
9.0 kB (9047 bytes)
Hash
8300f2229e4ff109f3f6e3f3f3bc1f11
1c716050b19eb90e19b9f30c9e7fcdf2599f81dc
b5414689f2b1d8a1e87c1826926bacfc779d8f6b390ed9921240e0fa6af44e0d

HTTP Headers

GET /assets/thumbs/c32/c32342ecd2b8d2f19686267bb0ba7a9c-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 19 Apr 2019 07:27:56 GMT
ETag: "2357-586dd0ebca29c"
Accept-Ranges: bytes
Content-Length: 9047
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

cdn.asaha.com/assets/thumbs/bc4/bc4853f80dc107e8ff8396f6e121ef6b-s.jpg

188.40.148.218

200 OK

6.1 kB

URL HTTP/1.1
cdn.asaha.com/assets/thumbs/bc4/bc4853f80dc107e8ff8396f6e121ef6b-s.jpg
IP
188.40.148.218:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Size
6.1 kB (6144 bytes)
Hash
55005de915eb35a4760924201a5039ed
214dd8d54b60bfc7588a0c50d63a175a02358b0d
7cad4527ca913ea9d607da926efc47d51a352e97c9fee8cc884c461f46423c90

HTTP Headers

GET /assets/thumbs/bc4/bc4853f80dc107e8ff8396f6e121ef6b-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Thu, 04 Apr 2019 13:12:44 GMT
ETag: "1800-585b42036fc79"
Accept-Ranges: bytes
Content-Length: 6144
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

cdn.asaha.com/assets/thumbs/b31/b311b61ea4b6ffd2115012574b25c88f-s.jpg

188.40.148.218

200 OK

6.9 kB

URL HTTP/1.1
cdn.asaha.com/assets/thumbs/b31/b311b61ea4b6ffd2115012574b25c88f-s.jpg
IP
188.40.148.218:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Size
6.9 kB (6850 bytes)
Hash
40feeec4ceb62030a0566524aa359f0a
b52afa22602b06c56175ca09a5cdb10c5f56d060
cbf6dc4701123b0a5fc01b0139e092a958ac48d6bbd5bbca88b128a25aeabeb6

HTTP Headers

GET /assets/thumbs/b31/b311b61ea4b6ffd2115012574b25c88f-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Thu, 11 Apr 2019 23:32:51 GMT
ETag: "1ac2-586499ad3751d"
Accept-Ranges: bytes
Content-Length: 6850
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

cdn.asaha.com/assets/thumbs/e26/e2686f6b35e8048f15a70a9a35dd2904-s.jpg

188.40.148.218

200 OK

5.4 kB

URL HTTP/1.1
cdn.asaha.com/assets/thumbs/e26/e2686f6b35e8048f15a70a9a35dd2904-s.jpg
IP
188.40.148.218:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 3\012- data
Size
5.4 kB (5386 bytes)
Hash
dfb16e94c136617c4fb6cd5cfc9765b1
ac4ba0ac9891cabd55c404e3a1571543f06bd19e
492083fce9e0d266e6bacbc4a15a49bc75c9a3a9fb383a7a7f5492181e32dff2

HTTP Headers

GET /assets/thumbs/e26/e2686f6b35e8048f15a70a9a35dd2904-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 12 Mar 2019 01:20:37 GMT
ETag: "150a-583db7f1d43d3"
Accept-Ranges: bytes
Content-Length: 5386
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

cdn.asaha.com/assets/thumbs/2e2/2e244f899b7d13f88b0040561a432ea7-s.jpg

188.40.148.218

200 OK

11 kB

URL HTTP/1.1
cdn.asaha.com/assets/thumbs/2e2/2e244f899b7d13f88b0040561a432ea7-s.jpg
IP
188.40.148.218:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Size
11 kB (10804 bytes)
Hash
ce6d423ef5060e62ea3f5a809946a694
6952d423fa2f6b8b7c5f29716f936b34cc1f5e3f
474f6ccfc834ad3189e22982bec6a82edc5d1db2c1c23937b33a7c9717bf2b9e

HTTP Headers

GET /assets/thumbs/2e2/2e244f899b7d13f88b0040561a432ea7-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 12 Apr 2019 14:45:29 GMT
ETag: "2a34-586565a9f96fa"
Accept-Ranges: bytes
Content-Length: 10804
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

cdn.asaha.com/assets/thumbs/f19/f190edf9e32c21ca88dd9ffc6292ac77-s.jpg

188.40.148.218

200 OK

3.6 kB

URL HTTP/1.1
cdn.asaha.com/assets/thumbs/f19/f190edf9e32c21ca88dd9ffc6292ac77-s.jpg
IP
188.40.148.218:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Size
3.6 kB (3626 bytes)
Hash
944e8f80408e00e9eb0baee7124a4d9e
5441a08a204eb07ca6ab672bfc32dcf769388a46
1c628163b2df8b39dba382df3c2e5f78305d891d534d6255d057af8746b94dfc

HTTP Headers

GET /assets/thumbs/f19/f190edf9e32c21ca88dd9ffc6292ac77-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 26 May 2019 14:04:17 GMT
ETag: "e2a-589cae84a6a91"
Accept-Ranges: bytes
Content-Length: 3626
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

cdn.asaha.com/assets/thumbs/61c/61c7a605bd2b422fabf59f546e6b268c-s.jpg

188.40.148.218

200 OK

7.9 kB

URL HTTP/1.1
cdn.asaha.com/assets/thumbs/61c/61c7a605bd2b422fabf59f546e6b268c-s.jpg
IP
188.40.148.218:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Size
7.9 kB (7890 bytes)
Hash
8026973be6b4c37890211f211fe8f8f0
2c184fd539cf0c6098090dd5a6de50a6b92d6612
0865cb55561d0d57943137b3775822082bb69dc09b37212fcad35c779a67ece7

HTTP Headers

GET /assets/thumbs/61c/61c7a605bd2b422fabf59f546e6b268c-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Thu, 28 Feb 2019 17:11:14 GMT
ETag: "1ed2-582f760b8fa78"
Accept-Ranges: bytes
Content-Length: 7890
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

cdn.asaha.com/assets/thumbs/b06/b06bb7f8ea0a928daf5ac1e1b72fddbd-s.jpg

188.40.148.218

200 OK

10 kB

URL HTTP/1.1
cdn.asaha.com/assets/thumbs/b06/b06bb7f8ea0a928daf5ac1e1b72fddbd-s.jpg
IP
188.40.148.218:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Size
10 kB (10321 bytes)
Hash
b2b29e46380c2dfef1813e8d2d9f8c8d
384d9daffc4a375a7c00d3f593d8182cb0b6131e
b2fd3d9d76db4d7d62e3bba9df02ea11e7340ca6598c866a4f6ba062fb1425c8

HTTP Headers

GET /assets/thumbs/b06/b06bb7f8ea0a928daf5ac1e1b72fddbd-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Jun 2019 01:49:17 GMT
ETag: "2851-58a61927dca64"
Accept-Ranges: bytes
Content-Length: 10321
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

cdn.asaha.com/assets/thumbs/52d/52df9a248db1612471038b7a5f696d60-s.jpg

188.40.148.218

200 OK

7.6 kB

URL HTTP/1.1
cdn.asaha.com/assets/thumbs/52d/52df9a248db1612471038b7a5f696d60-s.jpg
IP
188.40.148.218:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Size
7.6 kB (7601 bytes)
Hash
c7e78650e290fc3cfdd83e2bac941ef4
3079f453e0b9da28dcb6eb7bb3d2950ffcaa4030
1222b0dac197473183f6c954c99c04dd3a24917365c8d7c54d497be99548721d

HTTP Headers

GET /assets/thumbs/52d/52df9a248db1612471038b7a5f696d60-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 22 Feb 2019 19:56:35 GMT
ETag: "1db1-58280fcfa8fb8"
Accept-Ranges: bytes
Content-Length: 7601
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

cdn.asaha.com/assets/thumbs/a24/a2402aa47300f082a88e91f64aae60a9-s.jpg

188.40.148.218

200 OK

7.8 kB

URL HTTP/1.1
cdn.asaha.com/assets/thumbs/a24/a2402aa47300f082a88e91f64aae60a9-s.jpg
IP
188.40.148.218:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Size
7.8 kB (7764 bytes)
Hash
7ee95dc62645445707575556c6ed2057
b1f3adee545f3de8835dd71875b6aa461a8bbaa3
50a50730bd0c104f1aeaa5682ff509fb94abd91fd216f262f57bc5958ef6a1db

HTTP Headers

GET /assets/thumbs/a24/a2402aa47300f082a88e91f64aae60a9-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 14 Apr 2019 20:16:48 GMT
ETag: "1e54-5868337310452"
Accept-Ranges: bytes
Content-Length: 7764
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

cdn.asaha.com/assets/thumbs/576/5762f22b0c0477d82fc5166fbf2c1195-s.jpg

188.40.148.218

200 OK

1.8 kB

URL HTTP/1.1
cdn.asaha.com/assets/thumbs/576/5762f22b0c0477d82fc5166fbf2c1195-s.jpg
IP
188.40.148.218:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 3\012- data
Size
1.8 kB (1808 bytes)
Hash
3d60c0c4ffbbc251eca0524e11946807
bfb20b7c4d5edc3c7f15ee9c80e28fcf306c89ed
e8b61f15981160756db7726a710c60f8bc9a4ed209ec269d54b871a51fc57d99

HTTP Headers

GET /assets/thumbs/576/5762f22b0c0477d82fc5166fbf2c1195-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 05 Mar 2019 21:43:33 GMT
ETag: "710-5835fc3c4c4e8"
Accept-Ranges: bytes
Content-Length: 1808
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

cdn.asaha.com/assets/thumbs/cfa/cfaf05187807d47de98ae1bd6149e306-s.jpg

188.40.148.218

200 OK

3.8 kB

URL HTTP/1.1
cdn.asaha.com/assets/thumbs/cfa/cfaf05187807d47de98ae1bd6149e306-s.jpg
IP
188.40.148.218:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Size
3.8 kB (3791 bytes)
Hash
05a5d55d01950ec13b4c2ace2a412595
945d48349cd422f2db28cdc07c69fef653b2d76f
73f418004cc5d38af3a89581600f448324b4f3f689efb45020eca1c49de6463c

HTTP Headers

GET /assets/thumbs/cfa/cfaf05187807d47de98ae1bd6149e306-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 09 Mar 2019 17:14:46 GMT
ETag: "ecf-583ac79e86403"
Accept-Ranges: bytes
Content-Length: 3791
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

cdn.asaha.com/assets/thumbs/2b5/2b5e20d531cef2f11da9cf446272599b-s.jpg

188.40.148.218

200 OK

5.6 kB

URL HTTP/1.1
cdn.asaha.com/assets/thumbs/2b5/2b5e20d531cef2f11da9cf446272599b-s.jpg
IP
188.40.148.218:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 116x160, components 4\012- data
Size
5.6 kB (5621 bytes)
Hash
0ea91aa6617ade6ff2d468aa8dbbd5af
22ed94e61986671613309056e48241a007c15d4a
a6a41b3a3825978841b80baaf15311dc3397f0a147bc0b5372cfaf810bf3f629

HTTP Headers

GET /assets/thumbs/2b5/2b5e20d531cef2f11da9cf446272599b-s.jpg HTTP/1.1
Host: cdn.asaha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Wed, 13 Mar 2019 07:07:48 GMT
ETag: "15f5-583f476941a40"
Accept-Ranges: bytes
Content-Length: 5621
Cache-Control: max-age=31536000
Expires: Mon, 22 Jan 2024 20:52:46 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

clouddecrease.com/df4b7efb45757e4dbe9ea4dd784ddb26/invoke.js

192.243.59.13

200 OK

9.3 kB

URL HTTP/1.1
clouddecrease.com/df4b7efb45757e4dbe9ea4dd784ddb26/invoke.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
Unicode text, UTF-8 text, with very long lines (25094), with no line terminators
Size
9.3 kB (9303 bytes)
Hash
bfeeb154937591d8a1987a91edd0d369
50de696d92200534098112077bbc65fcd6431292
d6dacbe393a3c39580ae6783b8a58dc48ee5f711139f2abb9978a7242e942611

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /df4b7efb45757e4dbe9ea4dd784ddb26/invoke.js HTTP/1.1
Host: clouddecrease.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 22 Jan 2023 20:52:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6934ecedcf396a23e1563a016ed8a15a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

resources.infolinks.com/js/1842.018-3.025.ab.1837.005-3.025/ice.js

172.66.42.247

200 OK

58 kB

URL HTTP/2
resources.infolinks.com/js/1842.018-3.025.ab.1837.005-3.025/ice.js
IP
172.66.42.247:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
58 kB (57470 bytes)
Hash
e214bb5ff201cae6440afedcc9807ba6
9cb8951c559cc76a8fb0fbc9b188078b38d58a17
07de1d3aa5959ed5c3eacda3542b9b9ecca6bec54444038af7ae839cce282934

HTTP Headers

GET /js/1842.018-3.025.ab.1837.005-3.025/ice.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:46 GMT
content-type: application/javascript
last-modified: Wed, 18 Jan 2023 06:52:22 GMT
etag: W/"2d37f-5f284421f9e82"
cache-control: max-age=2592000
expires: Tue, 21 Feb 2023 19:20:24 GMT
via: 1.1 google
cf-cache-status: HIT
age: 5542
vary: Accept-Encoding
server: cloudflare
cf-ray: 78db2ce05870b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b6a7b076a30a5406b12344e01ba2d7ea
17e8497f4041b0c7e6fe4a13cfc5fe634c622fc5
5c82bf44b7ea0d2399d52df26b0ebc574cea4c4ff5d34423d07a1fc20e2e3587

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 22 Jan 2023 20:41:07 GMT
expires: Sun, 22 Jan 2023 22:41:07 GMT
cache-control: public, max-age=7200
age: 699
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.taboola.com/libtrc/asahainc/loader.js

151.101.193.44

200 OK

22 kB

URL HTTP/2
cdn.taboola.com/libtrc/asahainc/loader.js
IP
151.101.193.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65508)
Size
22 kB (21821 bytes)
Hash
eaab536e6706e43693f6b648f7278703
61cfe2e91d2871dc90b32c9585afffcd5937d182
c627bc1999871daff491c3f7e30ba67671d91b1f37e200e27fc5d23b0e2fe21e

HTTP Headers

GET /libtrc/asahainc/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: y0TzCxJYhCeu3/NOzCNsb2Db0mFOgF6BO2qgA2YeHzL5GDLKh8l3rP2ieOCbx4gPKFj2zRx4ICw=
x-amz-request-id: 0T3H20CV7QSRFGJQ
last-modified: Thu, 15 Dec 2022 16:49:52 GMT
etag: "5dac8e0d4667c84262fa76c08e4bd3a5"
x-amz-version-id: nAh7PaY8DRUJzUurrCRQ44nReV5jRU2h
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 22 Jan 2023 20:52:46 GMT
via: 1.1 varnish
age: 78
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1674420767.826550,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 64
content-length: 21821
X-Firefox-Spdy: h2

play.google.com/intl/en_us/badges/images/generic/en_badge_web_generic.png

142.250.74.78

302 Found

284 B

URL HTTP/2
play.google.com/intl/en_us/badges/images/generic/en_badge_web_generic.png
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
284 B (284 bytes)
Hash
9eb20e53f15c05dec7817750a07830e1
28c80c8b3546ead8bf99e0523cd85da02452d1c4
0de5342646b1fbde8390c9adfef31f1b443e2ccdeb921d90e037e04e61fb1214

HTTP Headers

GET /intl/en_us/badges/images/generic/en_badge_web_generic.png HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 22 Jan 2023 20:52:46 GMT
server: sffe
content-length: 284
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b6a7b076a30a5406b12344e01ba2d7ea
17e8497f4041b0c7e6fe4a13cfc5fe634c622fc5
5c82bf44b7ea0d2399d52df26b0ebc574cea4c4ff5d34423d07a1fc20e2e3587

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bb5fac1f289cb91381d3d1a07094b179
df6f8fe7a21efb35290d24f2b8b0fe809cae8d33
34472778a647b2db33e669d8582b510d94d9e0d355d77c73d643b7495b0f6997

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4dab8a11f6f832896613d012233bf6ba
05fb1e721b40793fc921c840b2b89d732868184a
04948e2b6ac1e964c58eb5cdee1bbb5adc6d5a80edb63bf96e62426d19c2f5ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 22 Jan 2023 20:52:46 GMT
Last-Modified: Sun, 22 Jan 2023 19:16:28 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CYPuX-AemuuwMGuLXcJZav1XUJdgVSt2xNjYXFvB0Vlzo41lSnfJVA==
Age: 5778

simplewebanalysis.com/stats

52.29.129.178

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.29.129.178:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
30b1659bf2140e3354abd46bd453dc84
a5bb2e7c7c084d23c560e593f8ede8aa65147e8d
17ef2673030011e69849d27dc4db19af1eb095805a68897d2f70ffcb365185c5

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pdfdrive.com
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:46 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.pdfdrive.com
access-control-allow-credentials: true
set-cookie: uid_id2=7c4c6654-71ad-4e95-9c48-2b98275e2c71:2:1; expires=Wed, 19 Jan 2033 20:52:46 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

1.3 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.3 kB (1260 bytes)
Hash
7f21c34b3bfa0cb62d7d69d5e6e8a62e
246e5b97717bffea4b00d065ce6379108f308b29
4b20ad4ba80bdf9aa035275e931df639a9ef7c7d2bb92933274433236ae7b1a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5313
Expires: Sun, 22 Jan 2023 22:21:20 GMT
Date: Sun, 22 Jan 2023 20:52:47 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F612dbd3f-3cd3-44bd-8729-b4d4aa118f87.jpeg

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F612dbd3f-3cd3-44bd-8729-b4d4aa118f87.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6102 bytes)
Hash
5b7dac109bc648666356225a0d21ed17
f07e82cffe064c296cb1b2c80f7b09feb7552bbe
cc8997d71cd85021addccb0f6a0f00edf95f9747333ff0a436581db4ede78f51

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F612dbd3f-3cd3-44bd-8729-b4d4aa118f87.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6102
x-amzn-requestid: 256e7b90-3052-41f7-abcf-43c455a2ee7c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHOFfEZtIAMFWhA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d56-3237bb0a1f86766b5eb86e82;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:47:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8pl8mAIA_RrOxBgjRkNf9IgG3b7K8R7ypfXIF_APxZr3_2lYnIB8rA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 22:07:46 GMT
age: 81901
etag: "f07e82cffe064c296cb1b2c80f7b09feb7552bbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8221 bytes)
Hash
6f86ec004a2042b4030cd2cce2bf1e1d
e3c00dcc55f095f03a6f4505960ac1cee0b3877c
64b5084d4145d5931af05c335d21e31e75db30b1f9e8a2efd92fc4cd0aa7ac07

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8221
x-amzn-requestid: 02db02af-4f05-450d-9370-0e7a9dda6948
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHOEWGUMoAMF2QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d4e-050e7cdf21878aa159f36d0b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:46:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VtzsQ7NI9ODiQfxm_EaSDsizPQhDOSH3O23UEaHg1KI9bg8imLdOnw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:16 GMT
age: 83071
etag: "e3c00dcc55f095f03a6f4505960ac1cee0b3877c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8057 bytes)
Hash
4e71636bb9a13ad7d52d253e16cd6a3f
401dd58e34982d3434739b9a2f7182487ea1cac5
1ac336df72b6eb569983e197f094378a26a175113249bedca0610cabd57e2e54

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8057
x-amzn-requestid: 5469b005-6740-4f3d-80ca-a45fd39cae68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkCFiZoAMF8oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c80-210da08f113a3273257b7d61;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: j3SoP46ER0JjOaLh363bQ9QW4ZIW19_rbgeQ7Ey8W-zgyGMMLSLccA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:17 GMT
etag: "401dd58e34982d3434739b9a2f7182487ea1cac5"
content-type: image/jpeg
age: 83070
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d78dc13-3c8d-4c31-8f64-3f9de4ba79d1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4796 bytes)
Hash
2aec02a691f126259e2a3c701e322ffe
af9161eefc1ee381a8f531c593ea7354d73493eb
e0094d54ca9bbbc4154abec2ce152453ddb1544e020b4a859e5da1f7073a26d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d78dc13-3c8d-4c31-8f64-3f9de4ba79d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4796
x-amzn-requestid: 9ad3dcbc-3d19-4619-a8cb-b316a8d51290
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e7ULpHgKIAMFmYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c79a4a-769bcf2f4d7787d007ec30e2;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 07:05:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -TjivJmHgT_N2QWC1rn8ng1sl5h53FcgoU9ALMINJEY6onseYEWGRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 08:07:27 GMT
age: 45920
etag: "af9161eefc1ee381a8f531c593ea7354d73493eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10988 bytes)
Hash
5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RlbJymJhU6Ti5RZCSIvPzloackAiBEBGapKI440u4ZIfB5FYBNugLw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 03:24:49 GMT
age: 62878
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0b111b9-f539-44ed-9667-4c69b6c7fc17.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10204 bytes)
Hash
948fa7fe4ba4b6dd0d31cbcb06fc0957
664552f4c80796a63353e62196bd6e05177e4d95
342a38f0c7e058c3e5ef402df230c656926baea5e82f912ff5f1efb1889a6150

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0b111b9-f539-44ed-9667-4c69b6c7fc17.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10204
x-amzn-requestid: a3fe3da3-19c8-40cc-945a-12b9985a948e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYXGGAZoAMF6Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca0760-3b65934a7cad371d7b049ae2;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KvDIbsxcuLhmy8IkuaziGP0ABqEEf-JVOezo1vUc8mDLf2-hvF6Xwg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 04:00:37 GMT
age: 60730
etag: "664552f4c80796a63353e62196bd6e05177e4d95"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
564a72806387e81ebdfbb0129f353d18
bcb32589b0edca710946d1bb3c52984f83b16efa
68268133207de7b929dd9c222d67d1df50bc998bc42651da8ce10a0e43796816

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68268133207DE7B929DD9C222D67D1DF50BC998BC42651DA8CE10A0E43796816"
Last-Modified: Fri, 20 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6756
Expires: Sun, 22 Jan 2023 22:45:23 GMT
Date: Sun, 22 Jan 2023 20:52:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
564a72806387e81ebdfbb0129f353d18
bcb32589b0edca710946d1bb3c52984f83b16efa
68268133207de7b929dd9c222d67d1df50bc998bc42651da8ce10a0e43796816

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68268133207DE7B929DD9C222D67D1DF50BC998BC42651DA8CE10A0E43796816"
Last-Modified: Fri, 20 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9809
Expires: Sun, 22 Jan 2023 23:36:16 GMT
Date: Sun, 22 Jan 2023 20:52:47 GMT
Connection: keep-alive

cdn.taboola.com/libtrc/impl.20221215-12-RELEASE.js

151.101.193.44

200 OK

148 kB

URL HTTP/2
cdn.taboola.com/libtrc/impl.20221215-12-RELEASE.js
IP
151.101.193.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65508)
Size
148 kB (148069 bytes)
Hash
1ece2524f4e13b48156b677a246be3e2
0d33cf3838f1d6e99b6df2bf9c42824b6e036331
b6c03171a2754b6acd58ad2c598e1e10c4d19c5e555627b767bae52f63ad6857

HTTP Headers

GET /libtrc/impl.20221215-12-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: A42zZb7068fFajUzWEgcXv2LDfrQjhbCQQNpupIV7nILSB5OQ9eOf9AJagA8sjb2JAevE+rUn0k=
x-amz-request-id: 44VF2FFJTFNTZMQP
last-modified: Mon, 19 Dec 2022 11:42:14 GMT
etag: "1ece2524f4e13b48156b677a246be3e2"
content-encoding: br
x-amz-version-id: MU1S4JEfWy4cxtfi5_yqUyVdR_QtkyMa
content-type: application/javascript
accept-ranges: bytes
date: Sun, 22 Jan 2023 20:52:47 GMT
via: 1.1 varnish
age: 7675
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1674420767.206337,VS0,VE1
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 2
server: AmazonS3-br
content-length: 148069
X-Firefox-Spdy: h2

status.geotrust.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.geotrust.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7c6bf9c5dd251c132a9dd2fd245d4cf1
eae67c09237f096192bed2dcd49a33faab402410
268736e0a2fcc9f57ef3ca0520e15cebc37ab60bc66b8610a105bbd5bb309ea5

HTTP Headers

POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4063
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:47 GMT
Last-Modified: Sun, 22 Jan 2023 19:45:04 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
6424e73a80bde44d808a2cd4833f0dd9
66c6174b2ce398b76b06ed0640159d4342be7373
62466c1fb7db40485fc89893bd8bb78edf6a5a1ecd177d1bf55b34b7dd06067d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2101
Cache-Control: max-age=134322
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:47 GMT
Etag: "63cd039c-1d7"
Expires: Tue, 24 Jan 2023 10:11:29 GMT
Last-Modified: Sun, 22 Jan 2023 09:36:28 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

router.infolinks.com/usync/lcmanage?pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue

172.66.42.247

200 OK

0 B

URL HTTP/2
router.infolinks.com/usync/lcmanage?pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue
IP
172.66.42.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usync/lcmanage?pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-length: 0
cache-control: no-store
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce30c91b4f9-OSL
X-Firefox-Spdy: h2

ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID

185.89.210.90

307 Redirection

0 B

URL HTTP/1.1
ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
IP
185.89.210.90:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
AN-X-Request-Uuid: 02249a3b-8a8b-4fcc-ae2a-32ef634bab64
Set-Cookie: uuid2=3305077371833796672; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 22-Apr-2023 20:52:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D

172.64.154.237

302 Found

12 B

URL HTTP/2
ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
IP
172.64.154.237:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
12 B (12 bytes)
Hash
bb9c1a9e52b90c314c8961bfd5e315d2
856997e7fe76d59e1c42ff85ba3139436229d9b4
e45c93b4400c851e909298469b6bfb4fad7f07f97e4f91cc522bbc88040814fd

HTTP Headers

GET /usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-length: 0
location: /usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
cf-ray: 78db2ce3ab8d0b02-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y82iHwFZ.dkAB90raIXEaQAA; Path=/; Domain=casalemedia.com; Expires=Mon, 22 Jan 2024 20:52:47 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=1830; Path=/; Domain=casalemedia.com; Expires=Sat, 22 Apr 2023 20:52:47 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=1830; Path=/; Domain=casalemedia.com; Expires=Sat, 22 Apr 2023 20:52:47 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59%2BlkcvCxDV%2BvCjUra%2BLLdFxFAYWBU2XZx7k6m5KcZZ4YPlviJQN5l%2BPv%2BHEDit7RXINJp%2BijRRdhzxCIMRAJk34wTaoKRJ6s%2Bv4vNF%2FChIL%2F7hadpW%2BEXQptyrDai%2FvI45MB9le8rka8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
12e5d9b5e263fdd42d7b52b8559df4ba
35390c11696db10e84f0d65614c126e7d57da88b
146923d8eb544505fb6d7f85eedc50a386b7244057340aa0f9eda4c477825eb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 21 Jan 2023 13:55:56 GMT
Expires: Sat, 28 Jan 2023 13:55:55 GMT
Etag: "35390c11696db10e84f0d65614c126e7d57da88b"
Cache-Control: max-age=492787,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78db2ce3a94eb50f-OSL

u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D

35.244.159.8

200 OK

56 B

URL HTTP/2
u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
IP
35.244.159.8:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
56 B (56 bytes)
Hash
15669dda86db3cbff7835fa202dc0b16
ce788cab9c1aa7e458a3971a59702c410b37e64d
5cc3f958039a8885c4e9526e22d454da47d579b9a02861e7a60b41fa0ba910df

HTTP Headers

GET /w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP/1.1
Host: u.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/html
content-length: 56
content-encoding: gzip
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID

185.64.190.79

302 Found

267 B

URL HTTP/2
image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID
IP
185.64.190.79:0
ASN
#62713 AS-PUBMATIC

File type
HTML document, ASCII text
Size
267 B (267 bytes)
Hash
4c3b0ed5d0694dfc6293df9d26db3427
d24a807f496ede8c6860cdfaef65db160c5bd622
bd7d1d9ab7cd90754ced171b8a2a5f8585295a99cbdaeeb377019e772442efe4

HTTP Headers

GET /AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: /AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Sun, 22 Jan 2023 20:52:46 GMT
content-length: 267
X-Firefox-Spdy: h2

image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID

185.64.190.79

302 Found

272 B

URL HTTP/2
image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID
IP
185.64.190.79:0
ASN
#62713 AS-PUBMATIC

File type
HTML document, ASCII text
Size
272 B (272 bytes)
Hash
ebb92a4e4bfa9f49081d6d5490b87169
e986871fb2a1067935b9f45ff4ba155383056b29
fd3de728a94f948ba814f33b0020466ae949a4c493784a6b7a5f23687385747d

HTTP Headers

GET /AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: /AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Sun, 22 Jan 2023 20:52:45 GMT
content-length: 272
X-Firefox-Spdy: h2

ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.pdfdrive.com%252Fsearch%253Fq%253DJ.%252BB.%252BEisenkraft%2526more%253Dtrue&pid=12306&adnxs_uid=$UID

185.89.210.90

307 Redirection

0 B

URL HTTP/1.1
ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.pdfdrive.com%252Fsearch%253Fq%253DJ.%252BB.%252BEisenkraft%2526more%253Dtrue&pid=12306&adnxs_uid=$UID
IP
185.89.210.90:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.pdfdrive.com%252Fsearch%253Fq%253DJ.%252BB.%252BEisenkraft%2526more%253Dtrue&pid=12306&adnxs_uid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.pdfdrive.com%25252Fsearch%25253Fq%25253DJ.%25252BB.%25252BEisenkraft%252526more%25253Dtrue%26pid%3D12306%26adnxs_uid%3D%24UID
AN-X-Request-Uuid: 98959e8b-2976-449c-8807-3ce405270563
Set-Cookie: uuid2=6806222058902591307; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 22-Apr-2023 20:52:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E

23.38.200.22

302 Moved Temporarily

154 B

URL HTTP/1.1
cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E
IP
23.38.200.22:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060

HTTP Headers

GET /cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E HTTP/1.1
Host: cs.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: Apache
Content-Length: 154
Content-Type: text/html
Location: https://router.infolinks.com/dyn/mnet-usync?uid=0000EEA
Set-Cookie: data-inf=setstatuscode~~41;Expires=Sat, 22 Apr 2023 20:52:47 GMT;path=/;domain=.media.net;
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
X-MNET-HL2: E
Expires: Sun, 22 Jan 2023 20:52:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 22 Jan 2023 20:52:47 GMT
Connection: keep-alive

185.64.190.79

200 OK

0 B

URL HTTP/2
image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1
IP
185.64.190.79:0
ASN
#62713 AS-PUBMATIC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-length: 0
X-Firefox-Spdy: h2

185.64.190.79

200 OK

0 B

URL HTTP/2
image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1
IP
185.64.190.79:0
ASN
#62713 AS-PUBMATIC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1 HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:46 GMT
content-length: 0
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
7ef60e839dbeac80f9b9d04c8d675772
519f3f08267b6ad5edc410867d3ebbb5ab53cc1c
99245dbd8262b1fc447459709e9babb2b8afb1807b0dbc3ec816c6e9c2a2f6c1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4852
Cache-Control: max-age=151895
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:47 GMT
Etag: "63cd3d82-138"
Expires: Tue, 24 Jan 2023 15:04:22 GMT
Last-Modified: Sun, 22 Jan 2023 13:43:30 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 312

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
07a386cd54caf47f1721ea096723f97a
6febb519d7286067aff2d49ef00cb3b06f50ad50
da9696363cd10f4c812865d7b70059b374711bc3749392ef5148ed865e7f8f72

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4802
Cache-Control: max-age=157184
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:47 GMT
Etag: "63cd525d-1d7"
Expires: Tue, 24 Jan 2023 16:32:31 GMT
Last-Modified: Sun, 22 Jan 2023 15:12:29 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

router.infolinks.com/dyn/iq-usync

172.66.42.247

200 OK

0 B

URL HTTP/2
router.infolinks.com/dyn/iq-usync
IP
172.66.42.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dyn/iq-usync HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/usync/manage?pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-length: 0
cache-control: no-store
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce30c8fb4f9-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
07a386cd54caf47f1721ea096723f97a
6febb519d7286067aff2d49ef00cb3b06f50ad50
da9696363cd10f4c812865d7b70059b374711bc3749392ef5148ed865e7f8f72

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4802
Cache-Control: max-age=157184
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:47 GMT
Etag: "63cd525d-1d7"
Expires: Tue, 24 Jan 2023 16:32:31 GMT
Last-Modified: Sun, 22 Jan 2023 15:12:29 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

onetag-sys.com/usync/?pubId=598ce3ddaee8c90

51.89.9.253

204 No Content

0 B

URL HTTP/2
onetag-sys.com/usync/?pubId=598ce3ddaee8c90
IP
51.89.9.253:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usync/?pubId=598ce3ddaee8c90 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2

ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID

185.89.210.90

302 Found

0 B

URL HTTP/1.1
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
IP
185.89.210.90:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://router.infolinks.com/dyn/apn-usync?user_id=0
AN-X-Request-Uuid: 003609e2-5623-4a54-88d8-abfd111b8e95
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

ups.analytics.yahoo.com/ups/58422/occ

18.156.0.31

302 Found

0 B

URL HTTP/2
ups.analytics.yahoo.com/ups/58422/occ
IP
18.156.0.31:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ups/58422/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBB-izWMCEIA_aZAlKk-mqj-ZCwPrnFoFEgEBAQHzzmPXYwAAAAAA_eMAAA&S=AQAAAhJbQ4DfGyAu4socv_8davA; Expires=Tue, 23 Jan 2024 02:52:47 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true

3.126.56.137

301 Moved Permanently

360 B

URL HTTP/2
pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
IP
3.126.56.137:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
360 B (360 bytes)
Hash
ef184c6b065a63adf6c94f609c0a0c72
12e8af72d7af8f029d4300991e1eda7ec9f2545b
b01d8ed4f119579d92815a648e454327ae4af8a4592e98462fb72f414ddba9af

HTTP Headers

GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP/1.1
Host: pixel.advertising.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Sun, 22 Jan 2023 20:52:47 GMT
server: ATS/9.1.10.25
cache-control: no-store
location: https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
content-type: text/html
content-language: en
set-cookie: A3=d=AQABBB-izWMCEOlYoOJ2ZvE3SSvixkuHnj8FEgEBAQHzzmPXYwAAAAAA_eMAAA&S=AQAAAhhey_KZGMOcu3fJ8qqvcPY; Expires=Tue, 23 Jan 2024 02:52:47 GMT; Max-Age=31557600; Domain=.advertising.com; Path=/; SameSite=None; Secure; HttpOnly
content-length: 360
X-Firefox-Spdy: h2

status.geotrust.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.geotrust.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7c6bf9c5dd251c132a9dd2fd245d4cf1
eae67c09237f096192bed2dcd49a33faab402410
268736e0a2fcc9f57ef3ca0520e15cebc37ab60bc66b8610a105bbd5bb309ea5

HTTP Headers

POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5528
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:47 GMT
Last-Modified: Sun, 22 Jan 2023 19:20:39 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.pdfdrive.com%25252Fsearch%25253Fq%25253DJ.%25252BB.%25252BEisenkraft%252526more%25253Dtrue%26pid%3D12306%26adnxs_uid%3D%24UID

185.89.210.90

302 Found

0 B

URL HTTP/1.1
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.pdfdrive.com%25252Fsearch%25253Fq%25253DJ.%25252BB.%25252BEisenkraft%252526more%25253Dtrue%26pid%3D12306%26adnxs_uid%3D%24UID
IP
185.89.210.90:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.pdfdrive.com%25252Fsearch%25253Fq%25253DJ.%25252BB.%25252BEisenkraft%252526more%25253Dtrue%26pid%3D12306%26adnxs_uid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&pid=12306&adnxs_uid=0
AN-X-Request-Uuid: 41ec593c-e1ef-4fea-bb10-872215bd6571
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
22d545cefdcd523199926afe1f1209fd
811e009f8a54d6e6f687f5b46957aff4b0660c94
8fb316683e2c8be4926990029703484aaef610f2e9f9be9bb332e248b68b9c55

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149416
Date: Sun, 22 Jan 2023 20:52:47 GMT
Etag: "63cd339e-1d7"
Expires: Tue, 24 Jan 2023 14:23:03 GMT
Last-Modified: Sun, 22 Jan 2023 13:01:18 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YPZElMR8jxMX45wPHkaQ3lzIGiIGcuAJXLUjbGibLXv9zjKes_dyeA==
Age: 4905

router.infolinks.com/dyn/mnet-usync?uid=0000EEA

172.66.42.247

200 OK

35 B

URL HTTP/2
router.infolinks.com/dyn/mnet-usync?uid=0000EEA
IP
172.66.42.247:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 87a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

HTTP Headers

GET /dyn/mnet-usync?uid=0000EEA HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: MNETUSERCOOKIE=0000EEA; Domain=infolinks.com; Expires=Sat, 22-Apr-2023 20:52:47 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Sat, 22 Jan 2022 20:52:47 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce44e9cb4f9-OSL
X-Firefox-Spdy: h2

ups.analytics.yahoo.com/ups/58422/occ?verify=true

18.156.0.31

204 No Content

0 B

URL HTTP/2
ups.analytics.yahoo.com/ups/58422/occ?verify=true
IP
18.156.0.31:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ups/58422/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Sun, 22 Jan 2023 20:52:47 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBB-izWMCEABrkqECUNDM5BOqiKEK_xMFEgEBAQHzzmPXYwAAAAAA_eMAAA&S=AQAAAm0WQGXF8BU8mRsBUyuVwgg; Expires=Tue, 23 Jan 2024 02:52:47 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

frolicbrook.com/a2/71/08/a2710803631d2a6fc90c289bfea08cdc.js

192.243.59.20

200 OK

29 kB

URL HTTP/1.1
frolicbrook.com/a2/71/08/a2710803631d2a6fc90c289bfea08cdc.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (28774 bytes)
Hash
d987b704df851d6a2b172edf97c1da8a
0d6cb65ef4eaed02639defb5de3c25591057fa48
e676b08b16fed4665fae897581943288e2bb97face68002972b60ececd5fd140

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /a2/71/08/a2710803631d2a6fc90c289bfea08cdc.js HTTP/1.1
Host: frolicbrook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 447a3c65fb78bb134f58fb0a1fc0017e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true

18.156.0.31

302 Found

0 B

URL HTTP/2
ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
IP
18.156.0.31:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBB-izWMCENeoZ6iH5TSHUesPx0ujOicFEgEBAQHzzmPXYwAAAAAA_eMAAA&S=AQAAAmxEva-lGkHEkR9qMYJE5xo; Expires=Tue, 23 Jan 2024 02:52:47 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

frolicbrook.com/ntv.json?key=df4b7efb45757e4dbe9ea4dd784ddb26&vstc=1

192.243.59.20

200 OK

4.1 kB

URL HTTP/1.1
frolicbrook.com/ntv.json?key=df4b7efb45757e4dbe9ea4dd784ddb26&vstc=1
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with very long lines (4119), with no line terminators
Size
4.1 kB (4119 bytes)
Hash
ead61b46fbb2c0b0ae93d6eb528854b8
a36b6432422cddeaeb72d379a53699af32ae6a3e
745b096f4a9cdfb50f5f7bd8492f780fe6d01335916eb143221d42c348a3ab1b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ntv.json?key=df4b7efb45757e4dbe9ea4dd784ddb26&vstc=1 HTTP/1.1
Host: frolicbrook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pdfdrive.com
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: application/json
Content-Length: 4119
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.pdfdrive.com
Access-Control-Allow-Origin: https://www.pdfdrive.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17340372; expires=Mon, 23 Jan 2023 20:52:47 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 23 Jan 2023 20:52:47 GMT; secure; SameSite=None
uncs=1; expires=Mon, 23 Jan 2023 20:52:47 GMT; secure; SameSite=None
pdhtkv49=true; expires=Mon, 23 Jan 2023 20:52:47 GMT; secure; SameSite=None
uncs49=1; expires=Mon, 23 Jan 2023 20:52:47 GMT; secure; SameSite=None
nlecdf4b7efb45757e4dbe9ea4dd784ddb26=[2229214]; expires=Sun, 22 Jan 2023 20:52:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fdb3b09696b21310b2a72b2077d8b3b9
Strict-Transport-Security: max-age=0; includeSubdomains

stackpath.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

104.18.11.207

200 OK

22 kB

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65325)
Size
22 kB (21860 bytes)
Hash
0521039971bb7128cbd3d4f7301c2392
e856e76bc39c3cf3e7c5dbba7ac318a8e69cb37e
58ba905cbbc06b830a676586e16c2c0385fda703d763849dae41c8fb70f20539

HTTP Headers

GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pdfdrive.com
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:46 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 01/30/2022 11:18:43
cdn-edgestorageid: 756
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 4bb03228281b4b0985289509643bca81
cdn-cache: HIT
cf-cache-status: HIT
age: 19869756
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78db2cdb7e5f1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sync.1rx.io/usersync2/infolinks?zcc=1&cb=1674420767388

213.19.147.45

302 Found

35 B

URL HTTP/2
sync.1rx.io/usersync2/infolinks?zcc=1&cb=1674420767388
IP
213.19.147.45:0
ASN
#26120 RHYTHMONE

File type
GIF image data, version 87a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

HTTP Headers

GET /usersync2/infolinks?zcc=1&cb=1674420767388 HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://router.infolinks.com/dyn/r1-usync?uid=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2

router.infolinks.com/dyn/ix-usync?uid=0

172.66.42.247

200 OK

35 B

URL HTTP/2
router.infolinks.com/dyn/ix-usync?uid=0
IP
172.66.42.247:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 87a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

HTTP Headers

GET /dyn/ix-usync?uid=0 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssum-sec.casalemedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/gif
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce47edeb4f9-OSL
X-Firefox-Spdy: h2

sync.1rx.io/usersync2/infolinks

213.19.147.45

302 Found

16 kB

URL HTTP/2
sync.1rx.io/usersync2/infolinks
IP
213.19.147.45:0
ASN
#26120 RHYTHMONE

File type
data
Size
16 kB (16498 bytes)
Hash
6815d7c737f34c721c4ee857910ba574
be7f85caf4b4034e2421f9ecc4643780a8189919
491487edf7e1091a28177f86c629f9d5191ea3d61f65a9d7f7ccea540a909997

HTTP Headers

GET /usersync2/infolinks HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-5e523a26-e9e8-45b6-aebe-1a6569ee965c-003%22%2C%22zdxidn%22%3A%222109%22%7D; path=/; expires=Mon, 22 Jan 2024 20:52:47 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1674420767388
etag: RX5e523a26e9e845b6aebe1a6569ee965c003
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
49f4099c273c6b5341600aaeb4396470
bc361fdc89efe73562b4af8fca1fce26afaad2cb
44744da2c501642aa4015c059a546328442ff0fa07b4e28ff2d2f563676442c9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101180
Date: Sun, 22 Jan 2023 20:52:47 GMT
Etag: "63cc8537-1d7"
Expires: Tue, 24 Jan 2023 00:59:07 GMT
Last-Modified: Sun, 22 Jan 2023 00:37:11 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hNcCwFlB8or7uyOjLZ9cZcbSPm0Ab1_YP_JkxEs-S70SrMqCx9OITQ==
Age: 1316

ocsp.godaddy.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
94a1022dd581ad036d18a2c99c15818e
6775b9e933b1d6b935537fdb128eca1b7726cfbb
535e9a818da1c51e183172f6df671716188cda8bdd587c76837a867d2784a810

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 21 Jan 2023 21:19:08 GMT
Expires: Sun, 22 Jan 2023 21:19:08 GMT
ETag: "6775b9e933b1d6b935537fdb128eca1b7726cfbb"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true

18.156.0.31

204 No Content

0 B

URL HTTP/2
ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
IP
18.156.0.31:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Sun, 22 Jan 2023 20:52:47 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBB-izWMCEKYy3G6Se0pvhlU5_1-98p0FEgEBAQHzzmPXYwAAAAAA_eMAAA&S=AQAAAj-akOG9jo3w7m1osDpNrWI; Expires=Tue, 23 Jan 2024 02:52:47 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0

91.228.74.251

302 Found

0 B

URL HTTP/2
cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0
IP
91.228.74.251:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/p-u1vdacBMXAcfT.gif?idmatch=0 HTTP/1.1
Host: cms.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-length: 0
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://router.infolinks.com/dyn/qc-usync?&uid=QFPuCRdSvAtbWOhYF1igCxJZ6V9bVegORlmgiaW5
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: d=EF8BDQGOKM2aswA; expires=Sat, 22-Apr-2023 20:52:47 GMT; path=/; domain=.quantserve.com
mc=63cda21f-8e5a8-fd9d2-5ec09; expires=Thu, 22-Feb-2024 20:52:47 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2

ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531

52.58.98.23

302 Found

0 B

URL HTTP/2
ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
IP
52.58.98.23:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
set-cookie: tuuid=67464468-c001-496e-a191-7207ab2165ad; Expires=Sat, 22 Apr 2023 20:52:47 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1674420767; Expires=Sat, 22 Apr 2023 20:52:47 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
301d2c109bca66b8626ccc987d800908
69008a77c3c1858a8d178077e9720c362715df4e
455f5a207f4a05c0542e62c014dae49c2cf407f3aa17cdd86c50cbcbb37d9739

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2327
Cache-Control: max-age=108330
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:47 GMT
Etag: "63cc9d32-1d7"
Expires: Tue, 24 Jan 2023 02:58:17 GMT
Last-Modified: Sun, 22 Jan 2023 02:19:30 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

router.infolinks.com/dyn/ur-usync?uid=OPTOUT

172.66.42.247

200 OK

35 B

URL HTTP/2
router.infolinks.com/dyn/ur-usync?uid=OPTOUT
IP
172.66.42.247:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 87a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

HTTP Headers

GET /dyn/ur-usync?uid=OPTOUT HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: URUSERCOOKIE=OPTOUT; Domain=infolinks.com; Expires=Sat, 22-Apr-2023 20:52:47 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Sat, 22 Jan 2022 20:52:47 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce48eedb4f9-OSL
X-Firefox-Spdy: h2

ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID

216.52.2.48

204 No Content

0 B

URL HTTP/1.1
ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
IP
216.52.2.48:0
ASN
#29791 VOXEL-DOT-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Date: Sun, 22 Jan 2023 20:52:47 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap5ams1

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
a501f3b747b318a37ce010d0d596009c
c8a319fe3f6620684da93d06e4c66c82ecf05895
125a1a002ee07ef7a929032c9405b7afa3516937498b22653304bc508d43f5c4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4101
Cache-Control: max-age=144656
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:47 GMT
Etag: "63cd242a-138"
Expires: Tue, 24 Jan 2023 13:03:43 GMT
Last-Modified: Sun, 22 Jan 2023 11:55:22 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 312

ocsp.godaddy.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
dcbaae1e7f3c02600153acb79718b564
0f9f92f60e3eec860e8d77116659731a377b453e
79a0d531c96ccf6e042ddeaa2c42d4827c30e23fae924710b7fe53a49ab801ca

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 21 Jan 2023 21:03:45 GMT
Expires: Sun, 22 Jan 2023 21:03:45 GMT
ETag: "0f9f92f60e3eec860e8d77116659731a377b453e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531

52.58.98.23

200 OK

43 B

URL HTTP/2
ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
IP
52.58.98.23:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2

trc-events.taboola.com/asahainc/log/2/debug?tim=20%3A52%3A46.162&type=usage&msg=rtus&llvl=2&id=6844&cv=20221215-12-RELEASE&lt=deflated&uuid=4b54b40f975672ac07d937589199b185d89788aeec7cc4678eb72db480f7c66d&dcc=1&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/asahainc/log/2/debug?tim=20%3A52%3A46.162&type=usage&msg=rtus&llvl=2&id=6844&cv=20221215-12-RELEASE&lt=deflated&uuid=4b54b40f975672ac07d937589199b185d89788aeec7cc4678eb72db480f7c66d&dcc=1&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /asahainc/log/2/debug?tim=20%3A52%3A46.162&type=usage&msg=rtus&llvl=2&id=6844&cv=20221215-12-RELEASE&lt=deflated&uuid=4b54b40f975672ac07d937589199b185d89788aeec7cc4678eb72db480f7c66d&dcc=1&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Sun, 22 Jan 2023 20:52:47 GMT
x-fastly-to-nlb-rtt: 22380
access-control-allow-credentials: true
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
e15cf3abfd51b820848714be5b338395
eb85d60de39eb873bfba6603da5e216223a04147
67d2070428e9dbcaf8d880ed27e91947b40e2d3d25c6344cf3189b5a06425034

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 21 Jan 2023 13:57:51 GMT
Expires: Sat, 28 Jan 2023 13:57:50 GMT
Etag: "eb85d60de39eb873bfba6603da5e216223a04147"
Cache-Control: max-age=492902,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78db2ce5c8970b69-OSL

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
20e85a6243a2fdb18c9653ff40fcfe11
712f65191ca92daa6524eb48b310ebdc669e6c38
591f76281635664c65a7e60eb72ab03e3084889c36da6ab48a9d353d526616b8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144435
Date: Sun, 22 Jan 2023 20:52:47 GMT
Etag: "63cd2576-1d7"
Expires: Tue, 24 Jan 2023 13:00:02 GMT
Last-Modified: Sun, 22 Jan 2023 12:00:54 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: L0jHc3Aetc_dx3TkiGh6hRodferidNfBDyLHDI594SRXoWot61LtdQ==
Age: 3548

b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__

70.42.32.31

302 Found

70 B

URL HTTP/1.1
b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
IP
70.42.32.31:0
ASN
#22075 AS-OUTBRAIN

File type
HTML document, ASCII text
Size
70 B (70 bytes)
Hash
16ccc9da763aca428789e4f469fc7ff1
4a873c523b8d9bdbc30b8c48189817413a19ee7a
5be7e833013b4b10333a904010b01217263df39c501a29b146d072110ceea4a1

HTTP Headers

GET /usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Content-Length: 70
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Sun, 22 Jan 2023 20:52:47 GMT

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
dd2096a4a7a5c3188c201786c1ac237e
109727a040df8cc210e6a2136e693b4250840781
2829dfd0e6ec9bf3983fe15523571ea19039f4d8cf78b25c891f73549ac9edb9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 19:14:50 GMT
Expires: Thu, 26 Jan 2023 19:14:49 GMT
Etag: "109727a040df8cc210e6a2136e693b4250840781"
Cache-Control: max-age=339121,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78db2ce60d75b4f4-OSL

router.infolinks.com/dyn/qc-usync?&uid=QFPuCRdSvAtbWOhYF1igCxJZ6V9bVegORlmgiaW5

172.66.42.247

200 OK

35 B

URL HTTP/2
router.infolinks.com/dyn/qc-usync?&uid=QFPuCRdSvAtbWOhYF1igCxJZ6V9bVegORlmgiaW5
IP
172.66.42.247:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 87a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

HTTP Headers

GET /dyn/qc-usync?&uid=QFPuCRdSvAtbWOhYF1igCxJZ6V9bVegORlmgiaW5 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: QCUSERCOOKIE=QFPuCRdSvAtbWOhYF1igCxJZ6V9bVegORlmgiaW5; Domain=infolinks.com; Expires=Sat, 22-Apr-2023 20:52:47 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Sat, 22 Jan 2022 20:52:47 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce58888b4f9-OSL
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
480a84860b5a64f7d266b7fa095c70a3
e4409d282dc6da24e38b759bf00be0dec31b8581
ae7169c9a001e909bf63fa5828d66ed267b951b14a7f967682fc08c1c6e5e229

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 11:33:39 GMT
Expires: Sun, 29 Jan 2023 11:33:38 GMT
Etag: "e4409d282dc6da24e38b759bf00be0dec31b8581"
Cache-Control: max-age=570650,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78db2ce52ba3b50f-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2b2efca8c8196585d979ceab9f57e43
f12e303169c0d0f56488c3c94f748e1d1c0f1c14
22827ebe7f1adc4d02d82b33af14e04f3b30c74ba3b8af90e0905c8e407fcd7b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22827EBE7F1ADC4D02D82B33AF14E04F3B30C74BA3B8AF90E0905C8E407FCD7B"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2776
Expires: Sun, 22 Jan 2023 21:39:03 GMT
Date: Sun, 22 Jan 2023 20:52:47 GMT
Connection: keep-alive

sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D

69.166.1.12

302 Found

22 kB

URL HTTP/1.1
sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
IP
69.166.1.12:0
ASN
#27630 AS-XFERNET

File type
data
Size
22 kB (21632 bytes)
Hash
25732c5ea8b883b5456731900dfcdc07
879d1db7ad3539b241fc37c267665d6c50c2cf73
a9c8021baaf4c773797682cc61d6c9bb773f1360d208a17bf5ba9b3e5a2a6729

HTTP Headers

GET /us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D HTTP/1.1
Host: sync.go.sonobi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: text/plain; charset=utf8
Content-Length: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-36
X-Xss-Protection: 0
Location: https://router.infolinks.com/dyn/sonobi-usync?uid=481ad2e0-6c98-47b8-b7c3-350638957493
Server: sonobi-go
Set-Cookie: __uis=481ad2e0-6c98-47b8-b7c3-350638957493; expires=Tue, 21 Feb 2023 20:52:46 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None
HAPLB8S=s8536|Y82iI; path=/; domain=.go.sonobi.com; SameSite=None; secure

router.infolinks.com/dyn/apn-usync?user_id=0

172.66.42.247

200 OK

35 B

URL HTTP/2
router.infolinks.com/dyn/apn-usync?user_id=0
IP
172.66.42.247:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 87a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

HTTP Headers

GET /dyn/apn-usync?user_id=0 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/gif
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce4df70b4f9-OSL
X-Firefox-Spdy: h2

s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&pid=12306&adnxs_uid=0

54.73.141.92

200 OK

95 B

URL HTTP/1.1
s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&pid=12306&adnxs_uid=0
IP
54.73.141.92:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Size
95 B (95 bytes)
Hash
9606fa62df0ffe87253f3baf418f0e42
fe8520ab0bf1622350513d685ece5faf70b4e8c1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

HTTP Headers

GET /ca.png?ref=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&pid=12306&adnxs_uid=0 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
cache-control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
pragma: no-cache, no-cache
set-cookie: cpSess=790006fbd658266; Expires=Mon, 22 Jan 2024 20:52:47 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
p3p: CP="NOI DEV ADM"
expires: Sun, 22 Jan 2023 20:52:47 UTC

frolicbrook.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3o0Y9KLBi7ji4EEUlkn3TE8m4x6CcY0E1yTuruRq%2FfWkTE1XU9U9PYmX6MKyx9mTP6fON8kG1yCud0UmgixhD2kEzcHcPQviUWYyEH3Q%2Fb6q7xV833vv7m52Rnxk9HTtfbOttKazjapfeX1dxcLkrrJyuxL4Vf9aZV3Fc%2BG1Sm%2F0s903A79R9d%2BovCv5ppmt%2BYHvB35QWVJWRqY3O2ahksNWUG351bBWDRohevb%2FZ5d5cNSD6J6RGShRPrXx%2BBEUHyLufHddus3UJFff6WSapsaiKw4%2BjDdjk8foXMDIeojig0k1jCsJ%2BeISTHwwcQDT3Rs5AFMl8X4LwOKDiUyw7v65UqYhYzDxLPLuEFIPoegQ3NyBEicE4AIrq4g7D1aMzenWOUtHbEmm%2Fv4LKi%2FJ1B8vIO58u6hVr3LL6CxVJnboRQVUbwjVHiLJjpBue1D5EXj6GZQgiDsFlCjGrpUaQkVDaNkHdR6y0ac8ZJGHLPHQEacV2mhFvt%2BMWFSvz4ec83qd88b8nGiIejgf%2Bcj4SFYfadIH131wu4PE7mBT3T9pzMBmP8FtFHDCg0tL4n2wg64okEuC3BHklCBXBHlKkHeLfaFdzRUPhHYZCya5Nsn1YmDS9i7dN2lbxmQ3OSPPj1riTX%2F%2BKzblaUVEIWvKiIWNZqMpQ8FkS9JQiOZ8KASrzcGpAspdGrvdViW5MvweiSrJ0x%2B9DEaP4PQRuHoJNAtA80Gz5oNuDMJ5H9vxYSIiYVVXVrnpQJgCSTqFdMvb1WfkxfFoXr18BsmPFx5eOZwOXvsT3BZIbIGP1c8EbX1vcNPkZO%2BmyR15tJqkqqO26Whst1KayssP35NbubFi%2Bbrrf%2F0WHxEjeHhbuvQGjYWK2458s6iEkHbJWC7JD8tuXbK1zG0sZjbOkhtrby8tdxIrnVMmHoKqk9V%2FwFVJpj79cbyQzz25C2WHsFmBTnZMJgFljsCTHbjkQr0zBFZf1LDEQ54VA1tjF5dalWS2OgUtjxf07zOfXP1lGpQVcPI%2FDy%2FwrruHtvVA0zvjVezaAl1dgOo%2BXPbMIE3s8cLjL0fxFZj2Bkxbb49pq%2B%2Bft9ep04psRH4k%2FZpkUYtFTeqLVhS2GG0FsskaNEDqSv4Er%2FwLAAD%2F%2FwEAAP%2F%2FWEg5IGwEAAA%3D

192.243.59.20

200 OK

7 B

URL HTTP/1.1
frolicbrook.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3o0Y9KLBi7ji4EEUlkn3TE8m4x6CcY0E1yTuruRq%2FfWkTE1XU9U9PYmX6MKyx9mTP6fON8kG1yCud0UmgixhD2kEzcHcPQviUWYyEH3Q%2Fb6q7xV833vv7m52Rnxk9HTtfbOttKazjapfeX1dxcLkrrJyuxL4Vf9aZV3Fc%2BG1Sm%2F0s903A79R9d%2BovCv5ppmt%2BYHvB35QWVJWRqY3O2ahksNWUG351bBWDRohevb%2FZ5d5cNSD6J6RGShRPrXx%2BBEUHyLufHddus3UJFff6WSapsaiKw4%2BjDdjk8foXMDIeojig0k1jCsJ%2BeISTHwwcQDT3Rs5AFMl8X4LwOKDiUyw7v65UqYhYzDxLPLuEFIPoegQ3NyBEicE4AIrq4g7D1aMzenWOUtHbEmm%2Fv4LKi%2FJ1B8vIO58u6hVr3LL6CxVJnboRQVUbwjVHiLJjpBue1D5EXj6GZQgiDsFlCjGrpUaQkVDaNkHdR6y0ac8ZJGHLPHQEacV2mhFvt%2BMWFSvz4ec83qd88b8nGiIejgf%2Bcj4SFYfadIH131wu4PE7mBT3T9pzMBmP8FtFHDCg0tL4n2wg64okEuC3BHklCBXBHlKkHeLfaFdzRUPhHYZCya5Nsn1YmDS9i7dN2lbxmQ3OSPPj1riTX%2F%2BKzblaUVEIWvKiIWNZqMpQ8FkS9JQiOZ8KASrzcGpAspdGrvdViW5MvweiSrJ0x%2B9DEaP4PQRuHoJNAtA80Gz5oNuDMJ5H9vxYSIiYVVXVrnpQJgCSTqFdMvb1WfkxfFoXr18BsmPFx5eOZwOXvsT3BZIbIGP1c8EbX1vcNPkZO%2BmyR15tJqkqqO26Whst1KayssP35NbubFi%2Bbrrf%2F0WHxEjeHhbuvQGjYWK2458s6iEkHbJWC7JD8tuXbK1zG0sZjbOkhtrby8tdxIrnVMmHoKqk9V%2FwFVJpj79cbyQzz25C2WHsFmBTnZMJgFljsCTHbjkQr0zBFZf1LDEQ54VA1tjF5dalWS2OgUtjxf07zOfXP1lGpQVcPI%2FDy%2FwrruHtvVA0zvjVezaAl1dgOo%2BXPbMIE3s8cLjL0fxFZj2Bkxbb49pq%2B%2Bft9ep04psRH4k%2FZpkUYtFTeqLVhS2GG0FsskaNEDqSv4Er%2FwLAAD%2F%2FwEAAP%2F%2FWEg5IGwEAAA%3D
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3o0Y9KLBi7ji4EEUlkn3TE8m4x6CcY0E1yTuruRq%2FfWkTE1XU9U9PYmX6MKyx9mTP6fON8kG1yCud0UmgixhD2kEzcHcPQviUWYyEH3Q%2Fb6q7xV833vv7m52Rnxk9HTtfbOttKazjapfeX1dxcLkrrJyuxL4Vf9aZV3Fc%2BG1Sm%2F0s903A79R9d%2BovCv5ppmt%2BYHvB35QWVJWRqY3O2ahksNWUG351bBWDRohevb%2FZ5d5cNSD6J6RGShRPrXx%2BBEUHyLufHddus3UJFff6WSapsaiKw4%2BjDdjk8foXMDIeojig0k1jCsJ%2BeISTHwwcQDT3Rs5AFMl8X4LwOKDiUyw7v65UqYhYzDxLPLuEFIPoegQ3NyBEicE4AIrq4g7D1aMzenWOUtHbEmm%2Fv4LKi%2FJ1B8vIO58u6hVr3LL6CxVJnboRQVUbwjVHiLJjpBue1D5EXj6GZQgiDsFlCjGrpUaQkVDaNkHdR6y0ac8ZJGHLPHQEacV2mhFvt%2BMWFSvz4ec83qd88b8nGiIejgf%2Bcj4SFYfadIH131wu4PE7mBT3T9pzMBmP8FtFHDCg0tL4n2wg64okEuC3BHklCBXBHlKkHeLfaFdzRUPhHYZCya5Nsn1YmDS9i7dN2lbxmQ3OSPPj1riTX%2F%2BKzblaUVEIWvKiIWNZqMpQ8FkS9JQiOZ8KASrzcGpAspdGrvdViW5MvweiSrJ0x%2B9DEaP4PQRuHoJNAtA80Gz5oNuDMJ5H9vxYSIiYVVXVrnpQJgCSTqFdMvb1WfkxfFoXr18BsmPFx5eOZwOXvsT3BZIbIGP1c8EbX1vcNPkZO%2BmyR15tJqkqqO26Whst1KayssP35NbubFi%2Bbrrf%2F0WHxEjeHhbuvQGjYWK2458s6iEkHbJWC7JD8tuXbK1zG0sZjbOkhtrby8tdxIrnVMmHoKqk9V%2FwFVJpj79cbyQzz25C2WHsFmBTnZMJgFljsCTHbjkQr0zBFZf1LDEQ54VA1tjF5dalWS2OgUtjxf07zOfXP1lGpQVcPI%2FDy%2FwrruHtvVA0zvjVezaAl1dgOo%2BXPbMIE3s8cLjL0fxFZj2Bkxbb49pq%2B%2Bft9ep04psRH4k%2FZpkUYtFTeqLVhS2GG0FsskaNEDqSv4Er%2FwLAAD%2F%2FwEAAP%2F%2FWEg5IGwEAAA%3D HTTP/1.1
Host: frolicbrook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Cookie: u_pl=17340372; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlecdf4b7efb45757e4dbe9ea4dd784ddb26=[2229214]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cc74889ba0dc09a61f48f3d853fcfbcd
Strict-Transport-Security: max-age=0; includeSubdomains

ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X

67.202.105.24

204 No Content

0 B

URL HTTP/2
ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
IP
67.202.105.24:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X HTTP/1.1
Host: ssc-cms.33across.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
x-33x-status: 2000208
server: 33XP017
date: Sun, 22 Jan 2023 20:52:47 GMT
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f8c52b956fbaf5bc3f49ee4bf6a686ce
974bda7f3620ae0a58c010c83e2d68ec277d1472
6d88eb2530cd495bc8fbff04429d006c84185dc3addbfcb9db1e118d1b2bcaeb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 20:52:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 21 Jan 2023 14:15:49 GMT
Expires: Sat, 28 Jan 2023 14:15:48 GMT
Etag: "974bda7f3620ae0a58c010c83e2d68ec277d1472"
Cache-Control: max-age=493980,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78db2ce67defb50f-OSL

cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg

45.133.44.9

200 OK

28 kB

URL HTTP/2
cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Size
28 kB (27606 bytes)
Hash
f4fabf64be47ce667e0cfc150667b36c
234d722efa06cbedfdad9c1bb497a942997741dd
272b7875492a55c6f53a4e4704e715cc5b3cc4e5093758cbfedd95441bfe98d8

HTTP Headers

GET /cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/jpeg
content-length: 27606
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:17:59 GMT
etag: "61124447-6bd6"
expires: Tue, 24 Jan 2023 20:52:47 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

p.rfihub.com/cm?pub=43153&in=1

193.0.160.128

302 Found

0 B

URL HTTP/1.1
p.rfihub.com/cm?pub=43153&in=1
IP
193.0.160.128:0
ASN
#54312 ROCKETFUEL

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cm?pub=43153&in=1 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Date: Sun, 22 Jan 2023 20:52:47 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjM0BlKGxpaWQnyGut6lrkEFIYWmhhY-yQDP5-_lJQAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 16 Feb 2024 20:52:47 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjM0BlKGxpaWQnyGut6lrkEFIYWmhhY-yQDP5-_lJQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_1slzmtoZm5iYmRgbmZuYWQMAIUHjUQQAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 16 Feb 2024 20:52:47 GMT; Secure; SameSite=None
Location: https://router.infolinks.com/dyn/zeta-usync?uid=5107433826133381399
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0363749749776c8a7380e09ccb98917c
2685d9ba9640a1ac0c980d3065dc3070f3e3a077
c95b206abff72c1f690041a5ecbbaea2f671c428785335cb0c39e8c3dc28bf08

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C95B206ABFF72C1F690041A5ECBBAEA2F671C428785335CB0C39E8C3DC28BF08"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13075
Expires: Mon, 23 Jan 2023 00:30:42 GMT
Date: Sun, 22 Jan 2023 20:52:47 GMT
Connection: keep-alive

de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV

67.202.105.32

200 OK

75 B

URL HTTP/2
de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
IP
67.202.105.32:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
75 B (75 bytes)
Hash
1ca09ed98f39d2adb7fab3878d13c0cb
da2a6f2431a34dfcc99b6f4500833f783f149d19
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

HTTP Headers

GET /deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=86400
expires: Mon, 23 Jan 2023 20:52:47 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Sun, 22 Jan 2023 20:52:47 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

router.infolinks.com/dyn/zmn-usync?uid=

172.66.42.247

200 OK

35 B

URL HTTP/2
router.infolinks.com/dyn/zmn-usync?uid=
IP
172.66.42.247:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 87a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

HTTP Headers

GET /dyn/zmn-usync?uid= HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/gif
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce64a0ab4f9-OSL
X-Firefox-Spdy: h2

router.infolinks.com/dyn/sonobi-usync?uid=481ad2e0-6c98-47b8-b7c3-350638957493

172.66.42.247

200 OK

35 B

URL HTTP/2
router.infolinks.com/dyn/sonobi-usync?uid=481ad2e0-6c98-47b8-b7c3-350638957493
IP
172.66.42.247:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 87a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

HTTP Headers

GET /dyn/sonobi-usync?uid=481ad2e0-6c98-47b8-b7c3-350638957493 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: SONOBIUSERCOOKIE=481ad2e0-6c98-47b8-b7c3-350638957493; Domain=infolinks.com; Expires=Sat, 22-Apr-2023 20:52:47 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Sat, 22 Jan 2022 20:52:47 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce67a5bb4f9-OSL
X-Firefox-Spdy: h2

router.infolinks.com/dyn/zeta-usync?uid=5107433826133381399

172.66.42.247

200 OK

35 B

URL HTTP/2
router.infolinks.com/dyn/zeta-usync?uid=5107433826133381399
IP
172.66.42.247:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 87a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

HTTP Headers

GET /dyn/zeta-usync?uid=5107433826133381399 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: ZTUSERCOOKIE=5107433826133381399; Domain=infolinks.com; Expires=Sat, 22-Apr-2023 20:52:47 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Sat, 22 Jan 2022 20:52:47 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce70b3bb4f9-OSL
X-Firefox-Spdy: h2

ssp.disqus.com/redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks

18.209.80.129

302 Found

0 B

URL HTTP/2
ssp.disqus.com/redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks
IP
18.209.80.129:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-length: 0
location: https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ==&gdpr=&gdpr_consent=&us_privacy=
cache-control: no-store
pragma: no-cache
expires: 0
set-cookie: zeta-ssp-user-id=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a; Max-Age=31536000; Expires=Mon, 22 Jan 2024 20:52:47 GMT; Path=/; Domain=disqus.com; Secure; SameSite=None
X-Firefox-Spdy: h2

ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ==&gdpr=&gdpr_consent=&us_privacy=

185.89.210.90

307 Redirection

0 B

URL HTTP/1.1
ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ==&gdpr=&gdpr_consent=&us_privacy=
IP
185.89.210.90:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ==&gdpr=&gdpr_consent=&us_privacy= HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 22 Jan 2023 20:52:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D14%26buyeruid%3D%24UID%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ%3D%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
AN-X-Request-Uuid: ce345622-8611-410a-9c8f-d992848fed69
Set-Cookie: uuid2=8453024707557175814; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 22-Apr-2023 20:52:48 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D14%26buyeruid%3D%24UID%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ%3D%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D

185.89.210.90

302 Found

0 B

URL HTTP/1.1
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D14%26buyeruid%3D%24UID%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ%3D%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D
IP
185.89.210.90:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D14%26buyeruid%3D%24UID%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ%3D%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 22 Jan 2023 20:52:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ssp.disqus.com/match?bidder=14&buyeruid=0&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICDhs4AQ==&gdpr=&gdpr_consent=&us_privacy=
AN-X-Request-Uuid: fe006c90-3eb6-4b25-a437-5130ea4c60c2
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

distributionrealmoth.com/pixel/purst?dl=0&th=0&sc=0&rs=2597&rd=2597&fd=765&bv=22.10.v.10&tmpl=136

192.243.61.227

200 OK

0 B

URL HTTP/1.1
distributionrealmoth.com/pixel/purst?dl=0&th=0&sc=0&rs=2597&rd=2597&fd=765&bv=22.10.v.10&tmpl=136
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2597&rd=2597&fd=765&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: distributionrealmoth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 20:52:48 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

resources.infolinks.com/js/1842.018-3.025.ab.1837.005-3.025/in_search.js

172.66.42.247

200 OK

90 kB

URL HTTP/2
resources.infolinks.com/js/1842.018-3.025.ab.1837.005-3.025/in_search.js
IP
172.66.42.247:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
90 kB (89772 bytes)
Hash
f4f44cb07afdaec3b3d79655a236d2df
30bc7f689bf13fb5afa590d2b3971bc5b2740249
be553edde66ea22904057bcf354986473762ea1acfd69cf183d3f2630a032b39

HTTP Headers

GET /js/1842.018-3.025.ab.1837.005-3.025/in_search.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: application/javascript
last-modified: Wed, 18 Jan 2023 06:52:22 GMT
etag: W/"37760-5f284421f9a9a"
cache-control: max-age=2592000
expires: Tue, 21 Feb 2023 19:36:24 GMT
via: 1.1 google
cf-cache-status: HIT
age: 4583
vary: Accept-Encoding
server: cloudflare
cf-ray: 78db2ce77bd8b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

rt3016.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22anesthesia%22%2C%22scs%22%3A%22iBFJ05hwoP%22%7D%5D&rid=fcde4461-3c58-4366-961b-a718bfbc75ee&jsv=1842.018-3.025.ab.1837.005-3.025&sr=1280X1002&rts=1674420766747&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Firefox&bv=105.0&dv=p&ce=t&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&tzo=-0000&c=c&strg=true&rsd=adF1J5_9ECOinjLnqrGhGoLh1rqDrFdVp15rYnE-nRWnA09iderkJy21s1oWq0XAqrZxigl483VBnlCfOPlQtQuJJ6jGIm7Hlnpysx3VF3UftXYTG0Gtl3Ers8h0Dh2xnLZePs_nEjGPSyMPiimPYMVmlWIcPnyw&rsk=95&rcs=7aKTr4r3xWKM7mWcH9svuA&cuid=bf21e2fc-1769-4185-b8d7-671f0279eaee&hbnr=false

172.66.42.247

200 OK

146 B

URL HTTP/2
rt3016.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22anesthesia%22%2C%22scs%22%3A%22iBFJ05hwoP%22%7D%5D&rid=fcde4461-3c58-4366-961b-a718bfbc75ee&jsv=1842.018-3.025.ab.1837.005-3.025&sr=1280X1002&rts=1674420766747&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Firefox&bv=105.0&dv=p&ce=t&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&tzo=-0000&c=c&strg=true&rsd=adF1J5_9ECOinjLnqrGhGoLh1rqDrFdVp15rYnE-nRWnA09iderkJy21s1oWq0XAqrZxigl483VBnlCfOPlQtQuJJ6jGIm7Hlnpysx3VF3UftXYTG0Gtl3Ers8h0Dh2xnLZePs_nEjGPSyMPiimPYMVmlWIcPnyw&rsk=95&rcs=7aKTr4r3xWKM7mWcH9svuA&cuid=bf21e2fc-1769-4185-b8d7-671f0279eaee&hbnr=false
IP
172.66.42.247:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
146 B (146 bytes)
Hash
ebbe5f29d5f37c774d7d5e5a60a412c0
3818d12a22e7fac856297222348ca4907f1baf7a
a0a269931042875817b7bd5d8f233ea6da0b6e464b00dfaa0e491296b009978b

HTTP Headers

GET /action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22anesthesia%22%2C%22scs%22%3A%22iBFJ05hwoP%22%7D%5D&rid=fcde4461-3c58-4366-961b-a718bfbc75ee&jsv=1842.018-3.025.ab.1837.005-3.025&sr=1280X1002&rts=1674420766747&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Firefox&bv=105.0&dv=p&ce=t&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&tzo=-0000&c=c&strg=true&rsd=adF1J5_9ECOinjLnqrGhGoLh1rqDrFdVp15rYnE-nRWnA09iderkJy21s1oWq0XAqrZxigl483VBnlCfOPlQtQuJJ6jGIm7Hlnpysx3VF3UftXYTG0Gtl3Ers8h0Dh2xnLZePs_nEjGPSyMPiimPYMVmlWIcPnyw&rsk=95&rcs=7aKTr4r3xWKM7mWcH9svuA&cuid=bf21e2fc-1769-4185-b8d7-671f0279eaee&hbnr=false HTTP/1.1
Host: rt3016.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:48 GMT
content-type: text/html;charset=UTF-8
x-application-context: application:prod
cache-control: no-cache,no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP NID OUR COR"
content-language: en-US
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce86d2ab4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
51a8fc535637bd359bc9b70891571789
c2f493036df8ce22b3b1a207141ae55ae0fc777a
f9e31715fdff33aaa82d164c5ddeb20a026f8580fa845dc0395a70b8ae4d3e6d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3007
Cache-Control: max-age=149623
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:49 GMT
Etag: "63cd3bd9-13a"
Expires: Tue, 24 Jan 2023 14:26:32 GMT
Last-Modified: Sun, 22 Jan 2023 13:36:25 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 314

gum.criteo.com/syncframe?origin=rtus&topUrl=www.pdfdrive.com

178.250.2.146

200 OK

5.1 kB

URL HTTP/2
gum.criteo.com/syncframe?origin=rtus&topUrl=www.pdfdrive.com
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Size
5.1 kB (5066 bytes)
Hash
336d3e015f987a65d205999a49be4805
57a3f572cd89347b5ead196670776134f1f0f69e
9621f1cc5441ed0d364b0fb9986a8c6742af2c5c356e6e4edb432728fe319ff3

HTTP Headers

GET /syncframe?origin=rtus&topUrl=www.pdfdrive.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:48 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=bdd15e98-3aa9-4fb6-8e6e-6bc57d1dfe59; expires=Fri, 16 Feb 2024 20:52:47 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 368892
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
8238a558aa69cd75eb27bf4730905bdd
115cd9b4750482985941543a9f49194c68d54283
52083387d47c845065f6bc4ce4c5b46507f4a591e2ca00bedf4d7d5213d908f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2518
Cache-Control: max-age=116063
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:49 GMT
Etag: "63ccbaaa-139"
Expires: Tue, 24 Jan 2023 05:07:12 GMT
Last-Modified: Sun, 22 Jan 2023 04:25:14 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
8238a558aa69cd75eb27bf4730905bdd
115cd9b4750482985941543a9f49194c68d54283
52083387d47c845065f6bc4ce4c5b46507f4a591e2ca00bedf4d7d5213d908f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2518
Cache-Control: max-age=116063
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:49 GMT
Etag: "63ccbaaa-139"
Expires: Tue, 24 Jan 2023 05:07:12 GMT
Last-Modified: Sun, 22 Jan 2023 04:25:14 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313

dnacdn.net/dna

178.250.0.157

200 OK

445 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type
JSON data\012- , ASCII text, with very long lines (504), with no line terminators
Size
445 B (445 bytes)
Hash
63624701bd3bfc133182f5046e55d99b
88073f5a43d18163f7b0e87b8edf9508c0028888
6246c4e130c9167f04d522bd1c3aeb1bdf4041bde7a119a1c2e87a8764eb295c

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=GwycBl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVlSE5QVmtrT3VhbUx4NWp3RHZsb3RaM0dHWXRURTVNUFMlMkJpeERSR2pXZA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:48 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=kuO1kl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVlSE5QVmtrT3VhbUx4NWp3RHZsb3ZMeDBrUkk1Z0EwJTJCaEFKeDRCUCUyQnpl; expires=Fri, 16 Feb 2024 20:52:49 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 352421
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
e2dd99030a651f7c55a43cb3e9af13b1
5718ccba97a9a32b83045d7d4548ba751eb23c77
c33b2cf0c831448aaf3c9e03fc259db652ad7ea5034dea6e951f36a487d89158

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1541
Cache-Control: max-age=158239
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 20:52:49 GMT
Etag: "63cd633b-139"
Expires: Tue, 24 Jan 2023 16:50:08 GMT
Last-Modified: Sun, 22 Jan 2023 16:24:27 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313

gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

178.250.2.146

200 OK

8.9 kB

URL HTTP/2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type
data
Size
8.9 kB (8851 bytes)
Hash
6d726b761cf40527daea94e8e3a799ce
b840c3c270e9601bb81e14254d54c2da16bf1930
cd06de19924ab5c7608d874e7bc0c5d5f5fb7ce118c18a2d7c0cdc5496d7b0d3

HTTP Headers

GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pdfdrive.com/
x-crto-bundle: Jqgm3l9MbjNXSGJuSU9qYkVMVEhpQkZCQWgzdWRzUm9zbSUyRnglMkZvYWhqVlNDMVAlMkZIYzdEb0dYN2Q2cEpIcnAlMkZPNiUyQm91WG9lTG1mSGp0MWRmNElFJTJCWEREckxVNEVDMng2SjJaeUVPTWt2TVhUcWNjQXdmbFJqbmlzVTY0UkFDUDRQenNqTm1FaEY4TkVpTUM4UUd3bm1OMkNTU0ElM0QlM0Q
Origin: https://www.pdfdrive.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:48 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://www.pdfdrive.com
server-processing-duration-in-ticks: 2125980
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9334 bytes)
Hash
54bb2c2439cbf0cefc3075f25576f161
e4e506d7acc877b266c18ae6da3b948e0d41bb1e
8cfef01c8eea67086fdea9865d760f9ed1ecc15dc42f3b2c94fc85d609a31aa2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9334
x-amzn-requestid: 23f9071b-5274-4c6a-9a4a-d63ea74c7483
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNWQETCoAMFdjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c27-393e62854ba77f783f142985;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BWc9_KsIp1FH10PJZFoIteQrb0Q8cfqRN8RiynsqbHyFUHhDCxwqIw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:06 GMT
age: 83087
etag: "e4e506d7acc877b266c18ae6da3b948e0d41bb1e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

router.infolinks.com/usync/manage?pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue

172.66.42.247

200 OK

0 B

URL HTTP/2
router.infolinks.com/usync/manage?pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue
IP
172.66.42.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /usync/manage?pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce1096eb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true

104.26.6.150

200 OK

0 B

URL HTTP/2
www.pdfdrive.com/search?q=J.+B.+Eisenkraft&more=true
IP
104.26.6.150:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /search?q=J.+B.+Eisenkraft&more=true HTTP/1.1
Host: www.pdfdrive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:45 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-cache, s-maxage=10
pragma: no-cache
set-cookie: pd_session=0mk1bugqk2jneaajl5clkcf159gvl9ko; path=/
x-mod-pagespeed: 1.13.35.2-0
vary: Accept-Encoding
x-frame-options: sameorigin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYTvQIcrejigFYUdCl0%2F1zOwx00POVcAwvX6MEXgGBp1fG6xhkNpkfW5SMOF3zVU%2B1j0hOsXQsekVtQ%2Bndwy9LqlZLqTFPsC8IQ9PI5fnkwijtw4IiS29XHD1%2BzI2siijhw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78db2cd79cb5b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

178.250.2.146

200 OK

0 B

URL HTTP/2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 424885
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

resources.infolinks.com/js/vidice/2.0/vidice.js

172.66.42.247

200 OK

0 B

URL HTTP/2
resources.infolinks.com/js/vidice/2.0/vidice.js
IP
172.66.42.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/vidice/2.0/vidice.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:48 GMT
content-type: application/javascript
last-modified: Tue, 25 Jan 2022 09:20:02 GMT
etag: W/"5344d-5d6649709d511"
cache-control: max-age=2592000
expires: Tue, 21 Feb 2023 20:09:30 GMT
via: 1.1 google
cf-cache-status: HIT
age: 2598
vary: Accept-Encoding
server: cloudflare
cf-ray: 78db2ce8ee1eb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

gem.gbc.criteo.com/newidsd

178.250.6.170

200 OK

0 B

URL HTTP/2
gem.gbc.criteo.com/newidsd
IP
178.250.6.170:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:48 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 64000
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

rt3016.infolinks.com/action/doq.htm?pcode=utf-8&r=16744207661411

172.66.42.247

200 OK

0 B

URL HTTP/2
rt3016.infolinks.com/action/doq.htm?pcode=utf-8&r=16744207661411
IP
172.66.42.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /action/doq.htm?pcode=utf-8&r=16744207661411 HTTP/1.1
Host: rt3016.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4883
Origin: https://www.pdfdrive.com
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/html;charset=UTF-8
x-application-context: application:prod
access-control-allow-origin: https://www.pdfdrive.com
vary: Origin
access-control-allow-credentials: true
cache-control: no-cache,no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: cuid=bf21e2fc-1769-4185-b8d7-671f0279eaee; Domain=infolinks.com; Expires=Tue, 21-Jan-2025 20:52:47 GMT; Path=/; SameSite=None
p3p: CP="NON DSP NID OUR COR"
content-language: en-US
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce4bb210b31-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

sync.1rx.io/usersync2/rmpssp?sub=infolinks&zcc=1&cb=1674420767389

213.19.147.45

302 Found

0 B

URL HTTP/2
sync.1rx.io/usersync2/rmpssp?sub=infolinks&zcc=1&cb=1674420767389
IP
213.19.147.45:0
ASN
#26120 RHYTHMONE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /usersync2/rmpssp?sub=infolinks&zcc=1&cb=1674420767389 HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://router.infolinks.com/dyn/ur-usync?uid=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2

ag.gbc.criteo.com/newidsd

185.235.84.102

200 OK

0 B

URL HTTP/2
ag.gbc.criteo.com/newidsd
IP
185.235.84.102:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:48 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 74859
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

resources.infolinks.com/js/infolinks_main.js

172.66.42.247

200 OK

0 B

URL HTTP/2
resources.infolinks.com/js/infolinks_main.js
IP
172.66.42.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/infolinks_main.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:46 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 12:37:41 GMT
etag: W/"e20-5f2d98c74922b"
cache-control: max-age=3600
expires: Sun, 22 Jan 2023 21:37:52 GMT
via: 1.1 google
cf-cache-status: HIT
age: 894
vary: Accept-Encoding
server: cloudflare
cf-ray: 78db2cdbc866b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

sync.1rx.io/usersync2/rmpssp?sub=infolinks

213.19.147.45

302 Found

0 B

URL HTTP/2
sync.1rx.io/usersync2/rmpssp?sub=infolinks
IP
213.19.147.45:0
ASN
#26120 RHYTHMONE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /usersync2/rmpssp?sub=infolinks HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-e0676745-f9d4-494c-865a-bedb69bb274d-003%22%2C%22zdxidn%22%3A%222069.56%22%7D; path=/; expires=Mon, 22 Jan 2024 20:52:47 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rmpssp?sub=infolinks&zcc=1&cb=1674420767389
etag: RXe0676745f9d4494c865abedb69bb274d003
X-Firefox-Spdy: h2

ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

172.64.154.237

200 OK

0 B

URL HTTP/2
ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
IP
172.64.154.237:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1 HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/html
cf-ray: 78db2ce41c070b02-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3iMKzH5UzAEc2M%2BrQhqt9lWice7PQHcPh8w1djE89IvZMAiH6JvuXPzCp35JjOo3IVOJj8lsUmvVFDWsTd1p7pk4I8BQJBP1Qc773UgWw3njzWZwyPoMS0YGqH1PQKnu4oF9nbyhr6F9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

router.infolinks.com/gsd?evt=afterGSD&pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&jsv=1842.018-3.025.ab.1837.005-3.025&_cb=16744207656640

172.66.42.247

200 OK

0 B

URL HTTP/2
router.infolinks.com/gsd?evt=afterGSD&pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&jsv=1842.018-3.025.ab.1837.005-3.025&_cb=16744207656640
IP
172.66.42.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /gsd?evt=afterGSD&pid=3213572&wsid=0&pdom=www.pdfdrive.com&purl=https%3A%2F%2Fwww.pdfdrive.com%2Fsearch%3Fq%3DJ.%2BB.%2BEisenkraft%26more%3Dtrue&jsv=1842.018-3.025.ab.1837.005-3.025&_cb=16744207656640 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pdfdrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Jan 2023 20:52:47 GMT
content-type: text/javascript;charset=UTF-8
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: max-age=0
p3p: CP="NON DSP NID OUR COR"
set-cookie: cuid=bf21e2fc-1769-4185-b8d7-671f0279eaee; Domain=infolinks.com; Expires=Tue, 21-Jan-2025 20:52:47 GMT; Path=/; SameSite=None; Secure
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78db2ce30c95b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (33)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML