pdfarsivci.com Open in urlscan Pro
2606:4700:3037::6815:5003 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://new.run.place/?x=5508.2079.4311.7132.2542.
Effective URL:
https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Submission: On February 08 via api (February 8th 2024, 11:43:41 pm UTC) from US — Scanned from US

Summary HTTP 125 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 15 domains to perform 125 HTTP transactions. The main IP is 2606:4700:3037::6815:5003, located in United States and belongs to CLOUDFLARENET, US. The main domain is pdfarsivci.com.
TLS certificate: Issued by E1 on December 11th 2023. Valid for: 3 months.

This is the only time pdfarsivci.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	95.47.161.64 95.47.161.64	12722 (RECONN) (RECONN)
1	192.0.78.27 192.0.78.27	2635 (AUTOMATTIC) (AUTOMATTIC)
1 1	2606:4700:303... 2606:4700:3030::ac43:b408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.162.87.220 185.162.87.220	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a02:b4a:1:7:... 2a02:b4a:1:7::9273:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 2	2a02:b4a:1:7:... 2a02:b4a:1:7::9274:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	2606:4700:303... 2606:4700:3036::6815:46b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3031::ac43:ac54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 40	2606:4700:303... 2606:4700:3037::6815:5003	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
1 7	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4006:80b::2002	() ()
6	2607:f8b0:400... 2607:f8b0:4006:80c::2003	() ()
8	2607:f8b0:400... 2607:f8b0:4006:809::2003	() ()
3 10	2607:f8b0:400... 2607:f8b0:4006:809::2002	() ()
11	2607:f8b0:400... 2607:f8b0:4006:824::200e	() ()
19	2607:f8b0:400... 2607:f8b0:4006:816::2001	() ()
3	2607:f8b0:400... 2607:f8b0:4006:80f::2002	() ()
6	142.251.40.226 142.251.40.226	() ()
125	16

1 95.47.161.64 (Donetsk, Ukraine) 1 redirects

ASN12722 (RECONN, RU)

new.run.place	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.27 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

href.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:b408 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

idygez.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.162.87.220 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ypupfy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:b4a:1:7::9273:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

mdakky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:b4a:1:7::9274:1 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

wokoez.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:46b5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bristolchristian.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:ac54 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

pdfarsivci.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2606:4700:3037::6815:5003 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

pdfarsivci.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80f::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:80b::2002 (None, )

ASN- ()

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80c::2003 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:809::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:809::2002 (None, ) 3 redirects

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:824::200e (None, )

ASN- ()

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:816::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::2002 (None, )

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.40.226 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	pdfarsivci.com 3 redirects pdfarsivci.com	460 KB
32	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	513 KB
18	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com	117 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com	596 KB
10	doubleclick.net 3 redirects googleads.g.doubleclick.net	128 KB
6	googleadservices.com www.googleadservices.com
3	googletagservices.com www.googletagservices.com	195 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	4 KB
2	wokoez.com 1 redirects wokoez.com	577 B
2	mdakky.com mdakky.com — Cisco Umbrella Rank: 36049	201 B
1	bristolchristian.org 1 redirects bristolchristian.org — Cisco Umbrella Rank: 942132	907 B
1	ypupfy.com ypupfy.com	516 KB
1	idygez.com 1 redirects idygez.com	537 B
1	href.li href.li — Cisco Umbrella Rank: 106092	470 B
1	run.place 1 redirects new.run.place	630 B
125	15

	Domain	Requested by
41	pdfarsivci.com	3 redirects ypupfy.com pdfarsivci.com
19	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	pagead2.googlesyndication.com	pdfarsivci.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
10	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com www.google.com
7	www.google.com	1 redirects pdfarsivci.com www.gstatic.com www.google.com tpc.googlesyndication.com
6	www.googleadservices.com	pdfarsivci.com
6	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	pdfarsivci.com googleads.g.doubleclick.net
2	wokoez.com	1 redirects ypupfy.com
2	mdakky.com	ypupfy.com
1	bristolchristian.org	1 redirects
1	ypupfy.com	href.li
1	idygez.com	1 redirects
1	href.li
1	new.run.place	1 redirects
125	18

This site contains links to these domains. Also see Links.

Domain
wordpress.org
themespiral.com

Subject Issuer	Validity	Valid
tls.automattic.com R3	`2024-01-03` - `2024-04-02`	3 months	crt.sh
ypupfy.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
mdakky.com R3	`2023-12-11` - `2024-03-10`	3 months	crt.sh
wokoez.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
pdfarsivci.com E1	`2023-12-11` - `2024-03-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Frame ID: 401AFBF40589BD66DFFE4ED0E1DCF51C
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html
Frame ID: DD71B9298ECBEE1B4C4D5682F8724585
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LffKp8lAAAAAKVgumxF6xDP5XYRfLPm3xkPMlv_&co=aHR0cHM6Ly9wZGZhcnNpdmNpLmNvbTo0NDM.&hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=opqevol4j6c3
Frame ID: CB0D7E132D04F991695271AC32D0BC49
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5398203186570714&output=html&adk=1812271804&adf=3025194257&lmt=1707435814&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpdfarsivci.com%2Fachorary-revolt-at-toshiba.html&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6~9~10&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707435814221&bpp=8&bdt=516&idt=405&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3541871787075&frm=20&pv=2&ga_vid=1560899806.1707435815&ga_sid=1707435815&ga_hid=288349158&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080947%2C95323761%2C95324155%2C95324160%2C95324263&oid=2&pvsid=1815104564923351&tmod=1315069784&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=450
Frame ID: 52E15FCFECDEF4E5BCEB657DC37A291B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5398203186570714&output=html&h=280&slotname=8986458836&adk=306263318&adf=3239972223&pi=t.ma~as.8986458836&w=336&lmt=1707435814&format=336x280&url=https%3A%2F%2Fpdfarsivci.com%2Fachorary-revolt-at-toshiba.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707435814229&bpp=2&bdt=523&idt=451&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3541871787075&frm=20&pv=1&ga_vid=1560899806.1707435815&ga_sid=1707435815&ga_hid=288349158&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080947%2C95323761%2C95324155%2C95324160%2C95324263&oid=2&pvsid=1815104564923351&tmod=1315069784&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=464
Frame ID: C7E97756908B194E84A56E922C193947
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5398203186570714&output=html&h=280&slotname=6018431983&adk=1454730318&adf=2758199591&pi=t.ma~as.6018431983&w=336&lmt=1707435814&format=336x280&url=https%3A%2F%2Fpdfarsivci.com%2Fachorary-revolt-at-toshiba.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707435814231&bpp=1&bdt=525&idt=483&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=3541871787075&frm=20&pv=1&ga_vid=1560899806.1707435815&ga_sid=1707435815&ga_hid=288349158&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080947%2C95323761%2C95324155%2C95324160%2C95324263&oid=2&pvsid=1815104564923351&tmod=1315069784&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491
Frame ID: F5598910AFE691B3619EADD36812EDF2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5398203186570714&output=html&h=280&slotname=3799500742&adk=1344493843&adf=591269790&pi=t.ma~as.3799500742&w=336&lmt=1707435814&format=336x280&url=https%3A%2F%2Fpdfarsivci.com%2Fachorary-revolt-at-toshiba.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707435814233&bpp=1&bdt=527&idt=512&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=3541871787075&frm=20&pv=1&ga_vid=1560899806.1707435815&ga_sid=1707435815&ga_hid=288349158&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=972&ady=437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080947%2C95323761%2C95324155%2C95324160%2C95324263&oid=2&pvsid=1815104564923351&tmod=1315069784&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=522
Frame ID: B791DBBE20AF4C1C09BAB7A484ECD6B7
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 65F9852DA49C6A06E1275872D4D62007
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js
Frame ID: 2D30D9E073747A8D4FCA61C456F7A50B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js
Frame ID: ECB0E29140033FCE68BB4B9182DC2A8C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js
Frame ID: E715A9AA4AF4830D1470CCBEB1231887
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CB841ACA4AFF4C903AE3A70E05AA560E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5E7C7B916AE2989AD670D1DFF5D95841
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Achorary revolt at toshiba - Pdfarsivci

Page URL History Show full URLs

http://new.run.place/?x=5508.2079.4311.7132.2542. HTTP 302
https://href.li/?https://idygez.com/gosl/InNpZCI6MTI2ODMwMywic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQ... Page URL
https://idygez.com/gosl/InNpZCI6MTI2ODMwMywic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2= HTTP 302
https://ypupfy.com/porno-archive?h=waWQiOjEwNjI0NjIsInNpZCI6MTI2ODMwMywid2lkIjo1MzY1NTQsInNyYyI... Page URL
https://wokoez.com/cuclc?aid=15378670690368769792&t=1707435811&s=802032 HTTP 302
https://bristolchristian.org/click.php?key=ov27f0fsuxwyyul7d752&click_id=a2_15378670690368769792_536554_2... HTTP 302
http://pdfarsivci.com/r.php?clickid=dd82b52qdvcktfff&u=eyJsIjoiaHR0cHM6XC9cL2Jlc3QtZGF0aW5nLXNpdGV... HTTP 301
https://pdfarsivci.com/r.php?clickid=dd82b52qdvcktfff&u=eyJsIjoiaHR0cHM6XC9cL2Jlc3QtZGF0aW5nLXNpdGV... HTTP 301
https://pdfarsivci.com/achorary-revolt-at-toshiba.html?clickid=dd82b52qdvcktfff&u=eyJsIjoiaHR0cHM6X... HTTP 302
https://pdfarsivci.com/achorary-revolt-at-toshiba.html Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

125
Requests

98 %
HTTPS

79 %
IPv6

15
Domains

18
Subdomains

16
IPs

3
Countries

2528 kB
Transfer

5777 kB
Size

16
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

URL: https://themespiral.com/
Title: ThemeSpiral.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://new.run.place/?x=5508.2079.4311.7132.2542. HTTP 302
https://href.li/?https://idygez.com/gosl/InNpZCI6MTI2ODMwMywic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2= Page URL
https://idygez.com/gosl/InNpZCI6MTI2ODMwMywic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2= HTTP 302
https://ypupfy.com/porno-archive?h=waWQiOjEwNjI0NjIsInNpZCI6MTI2ODMwMywid2lkIjo1MzY1NTQsInNyYyI6Mn0=eyJ&si1=&si2= Page URL
https://wokoez.com/cuclc?aid=15378670690368769792&t=1707435811&s=802032 HTTP 302
https://bristolchristian.org/click.php?key=ov27f0fsuxwyyul7d752&click_id=a2_15378670690368769792_536554_2_0&cost=0.0000&source_id=a536554&zone_id=a536554&country=US&browser=Chrome&os=Windows&campaign_id=802032&t9_cost=0.0000&display_size={display_size} HTTP 302
http://pdfarsivci.com/r.php?clickid=dd82b52qdvcktfff&u=eyJsIjoiaHR0cHM6XC9cL2Jlc3QtZGF0aW5nLXNpdGVzLTIwMjMuY29tXC91c1wvc2JcLyIsInQiOiJodHRwczpcL1wvYnJpc3RvbGNocmlzdGlhbi5vcmdcLyJ9&external=a2_15378670690368769792_536554_2_0&trafficsource=2 HTTP 301
https://pdfarsivci.com/r.php?clickid=dd82b52qdvcktfff&u=eyJsIjoiaHR0cHM6XC9cL2Jlc3QtZGF0aW5nLXNpdGVzLTIwMjMuY29tXC91c1wvc2JcLyIsInQiOiJodHRwczpcL1wvYnJpc3RvbGNocmlzdGlhbi5vcmdcLyJ9&external=a2_15378670690368769792_536554_2_0&trafficsource=2 HTTP 301
https://pdfarsivci.com/achorary-revolt-at-toshiba.html?clickid=dd82b52qdvcktfff&u=eyJsIjoiaHR0cHM6XC9cL2Jlc3QtZGF0aW5nLXNpdGVzLTIwMjMuY29tXC91c1wvc2JcLyIsInQiOiJodHRwczpcL1wvYnJpc3RvbGNocmlzdGlhbi5vcmdcLyJ9&external=a2_15378670690368769792_536554_2_0&trafficsource=2 HTTP 302
https://pdfarsivci.com/achorary-revolt-at-toshiba.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://new.run.place/?x=5508.2079.4311.7132.2542. HTTP 302
https://href.li/?https://idygez.com/gosl/InNpZCI6MTI2ODMwMywic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=

Request Chain 1

https://idygez.com/gosl/InNpZCI6MTI2ODMwMywic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2= HTTP 302
https://ypupfy.com/porno-archive?h=waWQiOjEwNjI0NjIsInNpZCI6MTI2ODMwMywid2lkIjo1MzY1NTQsInNyYyI6Mn0=eyJ&si1=&si2=

Request Chain 72

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 92

https://googleads.g.doubleclick.net/pagead/adview?ai=C1fCgJmfFZcHFMamD3rsPl5aO-A7cy7_adfCOtaGXEtK2koKfDhABILe63Sdgye6Oi8CkjBCgAZ6R-p0qyAECqAMByAPJBKoEmwJP0JxemtORzsfDioLVbvXL1iGxX0ZiIG4GBCpi7FxaCZcGfbmYsHmDEAZEBmzEwKbxjAzg3M1Gqu4b1lnBnqBEnP9-J5KnkCs5nb4GSFO7jW6u1AyHC_XEsacf8gcj28mmsS7bSncs9JJHGM3KHy4pJ9jr6ZagTo8Ed0wbWboeRntPpTmKs42gO7qON1grFPV48svvqmn37qEicrq_33jV5rCv4q6zG5sgqpoYwphPof8NIlzls5Px-UJUQPTSUFOM3TAenu9HOK5vQacwyS9Cgm5blfQO78MS_ZtcT6lR1XlM7ZlCS1uLRax2QXjbOOS788IHS-fFsBf1fkXgE5ckREBUHRUG-0mzPkto_h5uGaD_scN5dBd3cjAHwATXz_b4yASIBa-xpdVNkgUECAQYAZIFBAgFGASgBgKAB57Jyv0EqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ5KUH0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WPD53on2nIQDmgnEBGh0dHBzOi8vbGlmZXN0eWxlYWxpdmUuY29tL2NvbnRlbnQvdGVjaG5vbG9neS9hLW51bWJlci1vZi1kaWZmZXJlbnQtc2VydmljZXMtYXJlLWF2YWlsYWJsZS10aHJvdWdoLXRoZS1jbG91ZD9hX2NpZD04NDU5JmFfZmVlZD1yc29jJmFfdmM9MzImaHA9MSZyYWM9Q2xvdWQrU2VydmVycyZka3dzPUNsb3VkK1NlcnZlcnMrRm9yK0J1c2luZXNzJTJDQ2xvdWQrU2VydmVyK0NvbXBhbmllcyUyQ0Nsb3VkK1NlcnZlcitGb3IrU21hbGwrQnVzaW5lc3MlMkNCZXN0K01hbmFnZWQrQ2xvdWQrSG9zdGluZyUyQ1Ztd2FyZStIb3N0aW5nK1Byb3ZpZGVycyUyQ0FtYXpvbitBd3MrU2VydmljZXMmbWF0Y2h0eXBlPSZrZXl3b3JkPWt3ZyUyMGVudGl0eSUyMDEyMWpucTFtJm5ldHdvcms9ZCZkZXZpY2U9YyZhZHBvc2l0aW9uPSZzb3VyY2U9Z29vZ2xlJmNhbXBhaWduaWQ9MjA4NDg0MDA1NTkmYWRncm91cGlkPTE1NzAxOTkwODA1NSZhZGlkPTY4OTc1OTk3MjgwOSZwbGFjZW1lbnQ9cGRmYXJzaXZjaS5jb20mdGFyZ2V0PXNlZ21lbnRfYmVfYV8zMDMwODc1NjA0NzY3MDY1MDM4JmxvY19waHlzX21zPTkwMDU1MzImbG9jX2ludF9tcz2ACgHICwHaDBEKCxCwjPu7o8n975EBEgIBA9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi01Mzk4MjAzMTg2NTcwNzE0GAA&sigh=tIzNzYgM2qs&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_TkJuAOk8pPNyr7zmq1PN-DhEq0jC-AaSEGqIptA8tCl1avCpi-iB_QhJX1ovhuQb33njcIiFnbNn55NSwDng0zTe_qI7oemT848YAQ&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x40a6633e790dd58c0000000000000000%22,%222%22:%220x7deb40f84d195bfa0000000000000000%22,%223%22:%220x2b1d63d3c5e2311e0000000000000000%22,%224%22:%220xe3d0776d590efdfb0000000000000000%22,%225%22:%220x4ee4d60adc514e780000000000000000%22},%22debug_key%22:%227672828579670676251%22,%22debug_reporting%22:true,%22destination%22:%22https://lifestylealive.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211337107614%22],%2222%22:[%22true%22],%224%22:[%2202-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227378149300301256705%22}&andc=true

Request Chain 101

https://googleads.g.doubleclick.net/pagead/adview?ai=C0uypJmfFZaiMLpmC3rsP7MOX2Ar435zUdb-Etsq4EoTpiMqUDhABILe63Sdgye6Oi8CkjBCgAZyjndIqyAEJqQIMeMBLZ0WSPqgDAcgDywSqBLECT9BLKyQES2wb9RPdp_DK5irq2CMEop75KY00MyKj3oROiTXsh9O8dVXHUMTMXtbMDxJvT3Pzefd35y7XjBWDaig_W3Qah2yBNo7NTYbe9pnjYx1_ODmtH5_SzWmhNUZ4uI99fMTWdI3kupQ9YSJOirvlJOsENjiiicJoYm6cpL-fnckHLyGh-tPQSAhQ3wUFkWimGoYRBMVoifgaAk3Eu8zmDN45dXR1mr_gnGh_IYP9nsnTpdo3ERWiv3756W4eLn8SgBwFAxR1cf_Sl4B5lxZ3oLkYuN3DQIU3rGrPGMbTcq_nTcbnOWC7MnBPrT3rF_lgtCPkxD1-ckA0wu5hDUU3tuhlkPDk_Sx4CublK3oCIj4Qux_24Lm2TFuJV_H6I9ccG24fEoLoIYJDftrY74LABKnFkK_YBIgF07il_E2SBQQIBBgBkgUECAUYBKAGLoAHnNvtsQWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDIpkrSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYkL7bifachAOaCa8EaHR0cHM6Ly9zZXJpdGFzLmNvL2FydGljbGUvMTA5MjE_dXRtX3Rlcm09b2Zmc2hvcmUlMjBzb2Z0d2FyZSUyMGRldmVsb3BtZW50JTIwc2VydmljZXMsT2Zmc2hvcmUlMjBzb2Z0d2FyZSUyMGRldmVsb3BtZW50JTIwc2VydmljZXMlMjBmb3IlMjB3ZWIlMjBhcHBsaWNhdGlvbiUyMGRldmVsb3BtZW50LE9mZnNob3JlJTIwc29mdHdhcmUlMjBkZXZlbG9wbWVudCUyMHNlcnZpY2VzJTIwZm9yJTIwY2xvdWQtYmFzZWQlMjBzb2Z0d2FyZSUyMGRldmVsb3BtZW50LE9mZnNob3JlJTIwc29mdHdhcmUlMjBkZXZlbG9wbWVudCUyMHNlcnZpY2VzJTIwZm9yJTIwZW50ZXJwcmlzZSUyMHNvZnR3YXJlJTIwZGV2ZWxvcG1lbnQsT2Zmc2hvcmUlMjBzb2Z0d2FyZSUyMGRldmVsb3BtZW50JTIwc2VydmljZXMlMjBmb3IlMjBjdXN0b20lMjBzb2Z0d2FyZSUyMGRldmVsb3BtZW50LE9mZnNob3JlJTIwc29mdHdhcmUlMjBkZXZlbG9wbWVudCUyMHNlcnZpY2VzJTIwd2l0aCUyMGRlZGljYXRlZCUyMGRldmVsb3BtZW50JTIwdGVhbXMmY2FtcF9pZD0yMTY5ODYmZ2RuND0xJnV0bV9zb3VyY2U9Z2RuNIAKAcgLAdoMEQoLEKDNyqS-v6mzjgESAgEDuBPkA9gTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi01Mzk4MjAzMTg2NTcwNzE0GAA&sigh=ni51tT-cwFc&uach_m=%5BUACH%5D&ase=2&cid=CAQSTQAvHhf_4pqfGihHMbwhCpygZs5bv8qfywMkpVXiyLEpObn7YKNDnrBTgmp-mNheh_nOls9rLrxYIJMhGJjI-HjpAgAmAk0fsw3gct5IGAE&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x36ed96f805c19bd50000000000000000%22,%222%22:%220xc799dac714f3ca9d0000000000000000%22,%223%22:%220x72d13c18fce38aaf0000000000000000%22,%224%22:%220x480d4844892138c10000000000000000%22,%225%22:%220xfd9e89b9371264a20000000000000000%22},%22debug_key%22:%227577201945500636312%22,%22debug_reporting%22:true,%22destination%22:%22https://seritas.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211446735260%22],%2222%22:[%22true%22],%224%22:[%2202-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221560844905221314017%22}&andc=true

Request Chain 102

https://googleads.g.doubleclick.net/pagead/adview?ai=Ckz3mJmfFZY-nMKWJ3rsP-PuekA2XyLuNdcDl8ML3EfTnpNiVDhABILe63Sdgye6Oi8CkjBCgAcm6_-woyAEBqQJfQ9rJgweyPqgDAcgDywSqBJsCT9BN2d47W8F0JQlDet_HQhKRTsjBKzNuhF5ReLgYuRgIFXl2H31SPqW7pVjaOYDtbYa6px3GYqUIukplVIhu5bAap5JyfeIjBS5Uxkb7KKo1I_384P9rDGDW3eqDmN0vcGUK-WzoLPY9LLDiPikWI3xoZN6IDMY50NTWxiAg66VlEfC5LZmlvOCMPnvYOv6YA_LzP7DU3MsGLw7KLGjJXlqcADt_NRt54iHXK4hxeAL4PV1m7R1Q9Bf9XULlf5xV3ZyWxj1awJj8OEegTkd4Qj3xMcCCFUBsAnX8GPanY1gUiCroxwWr8aDBZ2NUTPrC6xfnYPsXZmiuaEDdnNG3AFaItUj4YpuKiq-ZoLGVUwYi7pXQKRLuLoq_icAEvOnP6s8EiAW_gtbsTZIFBAgEGAGSBQQIBRgEoAYugAfJ8s_MA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcFEMnFtgLSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYpdzdifachAOaCRxodHRwczovL3Nob2Zhc3QuY29tL2Rzcj9hYz0ygAoByAsB2gwQCgoQwKWe7LOLkMkBEgIBA9gTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01Mzk4MjAzMTg2NTcwNzE0GAA&sigh=LpC89eGQH7w&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_NkF1pQ8B_8wvI4KiVwezcal3Sd3L_rohdg7PGD5MygqSJpRXVejWqbXrvusvGj3BCIBV08L_kbwWZMnEFSUVDvYp_N_oITDIkRgB&template_id=5004&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1f488a9e7cae414a0000000000000000%22,%222%22:%220xeeaf74d2b66a55b90000000000000000%22,%223%22:%220xc571754ceecf5eba0000000000000000%22,%224%22:%220xe0ee326f7d043d220000000000000000%22,%225%22:%220x9e4f17797101dd520000000000000000%22},%22debug_key%22:%2218145349876597218382%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210965998921%22],%2222%22:[%22true%22],%224%22:[%2202-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229145365378244222737%22}&andc=true

125 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
href.li/
Redirect Chain

http://new.run.place/?x=5508.2079.4311.7132.2542.
https://href.li/?https://idygez.com/gosl/InNpZCI6MTI2ODMwMywic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=

746 B
470 B

246ms
53ms

Document
text/html

192.0.78.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://href.li/?https://idygez.com/gosl/InNpZCI6MTI2ODMwMywic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.27 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 08 Feb 2024 23:43:29 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-ac: 2.jfk _dfw MISS

Redirect headers

Connection: keep-alive
Content-Type: text/html
Date: Thu, 08 Feb 2024 23:43:29 GMT
Location: https://href.li/?https://idygez.com/gosl/InNpZCI6MTI2ODMwMywic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=
Server: nginx/1.20.2
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16

GET
H2

200

porno-archive Show response
ypupfy.com/
Redirect Chain

https://idygez.com/gosl/InNpZCI6MTI2ODMwMywic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=
https://ypupfy.com/porno-archive?h=waWQiOjEwNjI0NjIsInNpZCI6MTI2ODMwMywid2lkIjo1MzY1NTQsInNyYyI6Mn0=eyJ&si1=&si2=

679 KB
516 KB

588ms
206ms

Document
text/html

185.162.87.220
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ypupfy.com/porno-archive?h=waWQiOjEwNjI0NjIsInNpZCI6MTI2ODMwMywid2lkIjo1MzY1NTQsInNyYyI6Mn0=eyJ&si1=&si2=
Requested by: Host: href.li
URL: https://href.li/?https://idygez.com/gosl/InNpZCI6MTI2ODMwMywic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.162.87.220 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: e8fc5ef32c8c149a43dfb60012f4b44e21d2fb9e4f90291573363e496b9aa476

Request headers

Referer: https://href.li/?https://idygez.com/gosl/InNpZCI6MTI2ODMwMywic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 08 Feb 2024 23:43:30 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu3

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8527bc330a044bc6-BUF
content-type: text/html; charset=UTF-8
date: Thu, 08 Feb 2024 23:43:29 GMT
location: https://ypupfy.com/porno-archive?h=waWQiOjEwNjI0NjIsInNpZCI6MTI2ODMwMywid2lkIjo1MzY1NTQsInNyYyI6Mn0=eyJ&si1=&si2=
max-age: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pqzivsWkrGytDbpAw69%2BCo4sGkw0MJpBH%2B6mhjh5sZHgNsoSDRJ%2FrnVful%2Fuj%2FmWxy3tkPMo1ZClO9Y8GRpmCMauuCwf8GgXkh%2BomMPChuz8HgYegG6uVjyykKlVedCDQ0%2Fw82lQYtR"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-zone: eu

GET
DATA 200
OK truncated
/ 488 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 rpe Show response
mdakky.com/ 0
101 B 399ms
100ms XHR
text/plain 2a02:b4a:1:7::9273:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdakky.com/rpe?a=1&s=1&act=17&src=2&p=1062462&st=1268303&wd=536554&d=ypupfy.com&tpl=110&rnd=0.12960331494370614&sbid=&sbid2=
Requested by: Host: ypupfy.com
URL: https://ypupfy.com/porno-archive?h=waWQiOjEwNjI0NjIsInNpZCI6MTI2ODMwMywid2lkIjo1MzY1NTQsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9273:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ypupfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 08 Feb 2024 23:43:31 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 200 rpe Show response
mdakky.com/ 0
100 B 373ms
101ms XHR
text/plain 2a02:b4a:1:7::9273:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdakky.com/rpe?a=1&s=1&act=12&src=2&p=1062462&st=1268303&wd=536554&d=ypupfy.com&tpl=110&rnd=0.342763224242123&sbid=&sbid2=
Requested by: Host: ypupfy.com
URL: https://ypupfy.com/porno-archive?h=waWQiOjEwNjI0NjIsInNpZCI6MTI2ODMwMywid2lkIjo1MzY1NTQsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9273:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ypupfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 08 Feb 2024 23:43:31 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 200 phtbload
wokoez.com/ 150 B
307 B 390ms
103ms Fetch
application/javascript 2a02:b4a:1:7::9274:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wokoez.com/phtbload?a=1&e=aeyJwaWQiOjEwNjI0NjIsInNpZCI6MTI2ODMwMywid2lkIjo1MzY1NTR9
Requested by: Host: ypupfy.com
URL: https://ypupfy.com/porno-archive?h=waWQiOjEwNjI0NjIsInNpZCI6MTI2ODMwMywid2lkIjo1MzY1NTQsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9274:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ypupfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 08 Feb 2024 23:43:31 GMT
content-encoding: gzip
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H3

200

Primary Request achorary-revolt-at-toshiba.html Show response
pdfarsivci.com/
Redirect Chain

https://wokoez.com/cuclc?aid=15378670690368769792&t=1707435811&s=802032
https://bristolchristian.org/click.php?key=ov27f0fsuxwyyul7d752&click_id=a2_15378670690368769792_536554_2_0&cost=0.0000&source_id=a536554&zone_id=a536554&country=US&browser=Chrome&os=Windows&campai...
http://pdfarsivci.com/r.php?clickid=dd82b52qdvcktfff&u=eyJsIjoiaHR0cHM6XC9cL2Jlc3QtZGF0aW5nLXNpdGVzLTIwMjMuY29tXC91c1wvc2JcLyIsInQiOiJodHRwczpcL1wvYnJpc3RvbGNocmlzdGlhbi5vcmdcLyJ9&external=a2_15378...
https://pdfarsivci.com/r.php?clickid=dd82b52qdvcktfff&u=eyJsIjoiaHR0cHM6XC9cL2Jlc3QtZGF0aW5nLXNpdGVzLTIwMjMuY29tXC91c1wvc2JcLyIsInQiOiJodHRwczpcL1wvYnJpc3RvbGNocmlzdGlhbi5vcmdcLyJ9&external=a2_1537...
https://pdfarsivci.com/achorary-revolt-at-toshiba.html?clickid=dd82b52qdvcktfff&u=eyJsIjoiaHR0cHM6XC9cL2Jlc3QtZGF0aW5nLXNpdGVzLTIwMjMuY29tXC91c1wvc2JcLyIsInQiOiJodHRwczpcL1wvYnJpc3RvbGNocmlzdGlhbi5...
https://pdfarsivci.com/achorary-revolt-at-toshiba.html

53 KB
13 KB

263ms
262ms

Document
text/html

2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pdfarsivci.com/achorary-revolt-at-toshiba.html

Requested by

Host: ypupfy.com
URL: https://ypupfy.com/porno-archive?h=waWQiOjEwNjI0NjIsInNpZCI6MTI2ODMwMywid2lkIjo1MzY1NTQsInNyYyI6Mn0=eyJ&si1=&si2=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1820d76c9051d3fd7b1d61af7cf77ff03153aa840c2183550b32e86494ea7b48

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN always

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8527bc496d1b4bc7-BUF
content-encoding: br
content-security-policy: frame-ancestors 'none';
content-type: text/html; charset=UTF-8
date: Thu, 08 Feb 2024 23:43:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7e%2BzUy1v6j1E83UhXiWmyTnPThB%2F0108OD7ovswG1RcANYTPhc0CQJD35wByKt8n0AUfTG1jOhOZFHDorbv9zwiFQt2EJRURWMeO4KJb2ntOldSKOKarNCiba20U63iVOFyaX2ad%2BPRQhLFeSA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN always

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8527bc4879ca4bcc-BUF
content-security-policy: frame-ancestors 'none';
content-type: text/html; charset=UTF-8
date: Thu, 08 Feb 2024 23:43:33 GMT
location: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3s16WM3MCaDb7QYp0jPwaQ44z3yZ%2FK5H%2F%2FfeOYgdJbiHeGqtug1ebC%2FHvUMTmBACWruh%2FBLmVjI8xu6l%2BkQreihNIN%2Bf5NqigK2Eyy84h4vRneNA%2BUEUs%2BSniBKJ7RNynYykxPCfAn1o5awwg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN always

GET
H3 200 style.min.css
pdfarsivci.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 60ms
52ms Stylesheet
text/css 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:46:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"6439bbb4-17ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aN4sJfGjk8Pw7Hq4MWf4ve2E2BF%2BUuJ41FcSKJSJTvKYXTPQ9RWsptooZrwavXD4k%2B2lGAtiS7zHmHodXhyZOd7cSpK6g4oeGIL1d6%2BoYlrRSXQbcpuQsELKw%2Fa0KB%2FpN8VzDFE6McuXcPWBZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8527bc4bca234bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 classic-themes.min.css
pdfarsivci.com/wp-includes/css/ 291 B
638 B 43ms
35ms Stylesheet
text/css 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:46:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"6439bbb4-123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tSibMnqEmaHTn1RLGAUvGJP%2FaBtz4ugbpRG1XdHQyl7hH3rIPBpw5hmd6stb3dKsdhMwF8mBoumQNOGxvMQEyrIDBVWFgAgfrgWYf0RZLsQVZaQYHIIy8htI3FbWhXi%2FYb9tz8chrULvDXGsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8527bc4bca244bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 styles.css
pdfarsivci.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 62ms
54ms Stylesheet
text/css 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.5.1
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:43:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"6439baf2-b2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cG9nfGJSTdD468tif8WD3nVoZp%2B%2B5ig3jhSY79XQxUXMMzsj6hRClCjV2najgLbGOlFJbo7UdtDDnGok2XtEDlqVfY4LGq2dkrsS3rHLThhZrOnY5CyBAdskdaHpNz6drUcsIsWPa%2F6RDghPZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8527bc4bca264bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 tnado-styles.css
pdfarsivci.com/wp-content/plugins/hide-featured-image-on-all-single-pagepost/ 408 B
687 B 59ms
51ms Stylesheet
text/css 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/plugins/hide-featured-image-on-all-single-pagepost/tnado-styles.css?ver=6.2
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f17aca10c855f9f6f158a32b59f5ad2f08875b00deba92088577bf7f90a98f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 21:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"60ba97b8-198"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2xAq9dMy1C4CkMcHNbqCqsYvn44SOegKBKLGX%2F85E%2B2DU38NCMkSthvTpw33OT8aKlG%2FLlIH90KRQe45G3JoBRXAf2vYfZ8qBEzM4%2BbhUBchoL%2F02dAa2Vk0FODf6E0NetiD0AIhE3EPzOVqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8527bc4bca274bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 virp-frontend.css
pdfarsivci.com/wp-content/plugins/vi-random-posts-widget/css/ 213 B
605 B 57ms
50ms Stylesheet
text/css 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/plugins/vi-random-posts-widget/css/virp-frontend.css
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a39109413936412901dd25403243a6f65ab2c3a4e84e768666369ef0386c64c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 Aug 2021 13:20:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"612643b6-d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D82gEyXc8GKuvGlkYGz%2FVPqo11dHKUkULgm1cirPrlHRSx82L60NCjdzvfywKogYcomv4mYEwU%2FbIws%2FBB%2BqZpzEvHVYAuiHwyULZk83Yg5X6jMVFRnStaCe%2FNKkPPcFUV4ZnRLbObN%2F3KH%2F9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8527bc4bca284bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 font-awesome.css
pdfarsivci.com/wp-content/plugins/vi-random-posts-widget/css/ 26 KB
6 KB 60ms
52ms Stylesheet
text/css 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/plugins/vi-random-posts-widget/css/font-awesome.css
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ae3abf680f6b9783f00c0dc32a3b26bdce2ec8105ec6379a0ed1b41ff112db4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 Aug 2021 13:20:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"612643b6-67db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuqU2%2F%2Fu9QYGi8jV%2BfEeE7bQiaoHAnmJN5rHuVLKzizWqql5TY6q2EaJ55cKN6tj4dnz7SSZpl13uXaSPgwTIEMwS%2BFXOvrI84TzdQmdd9XAkZ1IBKyOl2jsK9WhD2UGasqZhZ31kDvKrrSAZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8527bc4bca294bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 dashicons.min.css
pdfarsivci.com/wp-includes/css/ 58 KB
35 KB 79ms
71ms Stylesheet
text/css 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-includes/css/dashicons.min.css?ver=6.2
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da7467865e2e7a2eededd4295b36eed14e8a4cdca4484b29c00c9c435b12814c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3784
etag: W/"603ffca6-e61f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bBF8kxKrbfIT9giNgDn9UIZY4fCivouHqawvcFgrhNpCZtSbvKgmBvwdowLjX6wzP%2BcK4KFUc%2FkxE%2FXIT4sHoSX4nfPbY88UbLQ%2B3f1ckzNjspRNI9xs%2F9N7IDFre%2BwEkW%2B0L7viG6fCxsUwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8527bc4bca2b4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 colorbox.css
pdfarsivci.com/wp-content/plugins/youtubefancybox/css/ 4 KB
2 KB 107ms
100ms Stylesheet
text/css 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/plugins/youtubefancybox/css/colorbox.css?ver=2.6.2
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb2f2d99b0c239c9f6d40069d5d31aebbe1544fe5e3195b4444236abcaed3a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Aug 2021 21:05:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"611d762c-117a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wj%2FZttfrL2dWduFoFVc2qxoa1ND0c9Zn4ki3DGHH9tgEWTPhVn9n6lIGiWmSVtj7XIyvOQlG6VPNKpkGv6WjpBvTnQYZN9fJpG2X4cikJwjKOrASIMzCSi5NIfQbgPzgqG6wmH6xmPLqn9TXhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8527bc4bca2c4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.css
pdfarsivci.com/wp-content/themes/freenews/ 80 KB
17 KB 108ms
100ms Stylesheet
text/css 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/themes/freenews/style.css?ver=6.2
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2263488f4b3a05d13b129472c4207cd72a2b41881e0167d5ca06882ed78a64ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:50:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"6439bc8a-13e82"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3d%2FX08gNnC1NPlmeAYV5J%2F5yTcbJviMBYRI0GKRRKslYj76VW1AzLWbyC%2F4rcZkie0d9bfMpOJZFFQ9IlaZrg%2FkzxF1x0pAIAESRBXVBoSmBAkcViI9O4p%2BEyEOFA2JwuwNsKdnh2USJJz8RoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8527bc4bca2d4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 13 KB
2 KB 115ms
41ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Heebo:300,400,700|Arimo&subset=latin%2Clatin-ext

Requested by

Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe9388f2c20810c66e045411cdb7bead132fc8248c7142bb05dbc5e0e9eefe17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 23:43:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Feb 2024 23:43:33 GMT

GET
H3 200 style-frontend.css
pdfarsivci.com/wp-content/plugins/easy-custom-auto-excerpt/assets/ 911 B
790 B 109ms
102ms Stylesheet
text/css 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/plugins/easy-custom-auto-excerpt/assets/style-frontend.css?ver=2.4.12
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c2838b480b2a83d43e5383a1c8a5244cd53437bee0d7760ca39fbea7a9a30d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 15 Feb 2020 00:22:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"5e4739aa-38f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWXjk%2F1Gbz07sa6DX3FcaqS1nnsz7PGjcgcfkXBddc0ttO6506k1MtLrDNfig%2FjVBMdNYrjwBi9RgVtoX7aXhVQUjX4d3wTLpU%2B7w2OidmQIgBbjZYk%2FZNj0FljJckVePSxqWzNqpcAlZHf%2BtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8527bc4bca2e4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 ecae-buttonskin-none.css
pdfarsivci.com/wp-content/plugins/easy-custom-auto-excerpt/buttons/ 304 B
601 B 58ms
49ms Stylesheet
text/css 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/plugins/easy-custom-auto-excerpt/buttons/ecae-buttonskin-none.css?ver=2.4.12
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2682757391a011314306df2c712bf76cc920792dd27ebfbbeb4debf7bd2dd029

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 15 Feb 2020 00:22:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"5e4739aa-130"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=planEZMkzKSDM8XeFEJEZFNw76UagD47PHdIn3VCByDmRShGJb8t7qtPdBamu%2BtaNBGT5SPS2LJL%2F0Sgbzl%2FIR2Jkxkbg%2BrhzxFtzjJZUepQjMxiUkq1%2BvutpiQRcxaPlk8rzx%2Fwwd7AnR2toQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8527bc4bda304bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
pdfarsivci.com/wp-includes/js/jquery/ 88 KB
32 KB 107ms
99ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"6439bba8-15ed7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRWdnXkgJZC%2FalOu2iRD3M61l534NVlQH5KwDOxNti9IS%2BhSEM%2FvsuJ7jZV3S%2FEX32uvylAld81zQ61LggDQ9%2B3iVj1MNkXQmXgln9NgmaH3ohZP9eplFL9Silh5w3tHZq1pMwqtLAL6OLWmRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4bda314bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
pdfarsivci.com/wp-includes/js/jquery/ 13 KB
5 KB 132ms
124ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"6439bba8-3470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzJwvh96RnZwSv1%2FOLy7xxuXFufTpgGMC7l9OfoLChw%2BTZWNjGkGlfySSigba8FlKk2drX1B4PFDU8vT0%2BRpR26UptsydefAfh%2FEu%2Fv4wG2bRghk34niAyhxlFU0vwumZ3jkY%2FTQH%2FCfp01fjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4bda324bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 global.js Show response
pdfarsivci.com/wp-content/themes/freenews/assets/js/ 2 KB
1 KB 132ms
125ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/themes/freenews/assets/js/global.js?ver=1
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5104dc06faffc326c8f8a5da2f0cf85c5cf35064eae62871acc3cabf8f35c78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:50:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"6439bc8a-950"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZcIjY875brs%2FD70HSUwQ0TONbyIcsqjGzWdBoN9lxWEMiINawphaX8Yc9MsRHBR6x%2FLr9gylSJYySRjSqsWZuIKcMmpDbfX2j%2F7FhN0rz87YKGuaR92iJmciTWnXpYRWBXwm72eiDay4hLMSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4bda344bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 119ms
43ms Script
text/javascript 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LffKp8lAAAAAKVgumxF6xDP5XYRfLPm3xkPMlv_

Requested by

Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ff2e516af991d71b5eea34bd85529d7a521dad9a935b5aa737449389c77962bf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 08 Feb 2024 23:43:33 GMT

GET
H3 200 bdt.js Show response
pdfarsivci.com/js-8/ 78 KB
29 KB 132ms
125ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/js-8/bdt.js
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c67b22ebc9961f94f20fab1ff8d6d9d98291b8adccfe833664eb2af8b06275e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 May 2023 11:35:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"64636a89-13716"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yS%2F9fq4cAFkEQET%2BCw7ZL9q8%2BpaAGkt7gUphUQ%2FSCSxGRg2Fv%2FegaIRrYihj%2FpAZ2Ax4%2FZGcoddjiWKtLhefFg3PiypHUQ%2BCm9wMCg7QZXBY1uDAP4%2B1fcyXGcvtrtl1f5MSC3Jg5j1sfeMXtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4bda354bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 header.jpg
pdfarsivci.com/wp-content/themes/freenews/images/ 157 KB
157 KB 138ms
131ms Image
image/jpeg 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdfarsivci.com/wp-content/themes/freenews/images/header.jpg
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8510e2ce2117f6f04ad9dda1ba9484711635c5b85ae6ae0dc6c921e96a689f54

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:50:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6402
etag: "6439bc8a-27378"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVu9hz2ZnhGDoOQQDCE3RqOJ131%2FbnPj%2FpCGSvnaeGm%2F28r9JW3mpMf8C4%2Bnoyk1nLwYoZXYSQ1hnbjB9fhyUTOX5h%2FadxDWT7C94syzMD65M7gU1pvbj6mkKBOW0gkZdh7l8MZQsHDp2L4W0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8527bc4bda374bc7-BUF
alt-svc: h3=":443"; ma=86400
content-length: 160632

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 178ms
94ms Script
text/javascript 2607:f8b0:4006:80b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5398203186570714

Requested by

Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

f897d21aec740035fa576b1cd33c1773c7870ed3f346c124f9785a02e1738dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pdfarsivci.com/
Origin: https://pdfarsivci.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51551
x-xss-protection: 0
server: cafe
etag: 15103594047880184633
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 08 Feb 2024 23:43:33 GMT

GET
H3 200 achorary-revolt-at-toshiba_1.jpeg
pdfarsivci.com/wp-content/uploads/sites/731/2023/04/ 29 KB
30 KB 283ms
273ms Image
image/jpeg 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdfarsivci.com/wp-content/uploads/sites/731/2023/04/achorary-revolt-at-toshiba_1.jpeg
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9702da67a9d9ece734b50e74ecfc056da1b545522f8834db0fa074695dfd792f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 27 Sep 2021 10:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615197f4-7495"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m44VwbuhYj4fm469xLJJUebyhzrCjEsMVikem%2Bf6h82XKYVydIh9s2%2FqPmAMtM7vFIx2UzfpeBS2Bk7tZUM0pAcJ5Z4C3Mtlaeoe%2Fzog%2B3%2FZ0%2BJA%2B3cdElaBG6qQhP8TNvflA%2FGyZF32tT2Nsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8527bc4bda3c4bc7-BUF
alt-svc: h3=":443"; ma=86400
content-length: 29845

GET
H3 200 index.js Show response
pdfarsivci.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 68ms
67ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.5.1
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:43:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"6439baf2-2801"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2b8MWra0KC63f5ZU%2BW6S38xxBteuFRiX3aT2smDwUC8cwrRRS%2BKHxywzJXTQ5tyO5d5h0M92RO2SBZClen%2FtE8aApf6re83F8aAcIqg9gbIg5320fPhzhl6ZM%2FAP6Jo3%2FiVhBoPxKYwaL7Rxyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4ccc1f4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 index.js Show response
pdfarsivci.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 51ms
45ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.5.1
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:43:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"6439baf2-328f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCQmeAyIPQZZN6XHzLRh%2FAYcMXNw1fhFOkKoxucLKpNGpXx6bfFRHDdhtYDYPc4ZZLvTOP3ZPa2xh6Di3%2Fh26xSK%2FKdiYhp4ZpMenxegHW30Btej%2F9qf41IOIvc0JtgpTWCT4Ln3CG34pKNkDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4ccc2b4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 wp-emoji-release.min.js Show response
pdfarsivci.com/wp-includes/js/ 0
526 B 252ms
249ms Script
text/html 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pdfarsivci.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2

Requested by

Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN always

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:34 GMT
content-security-policy: frame-ancestors 'none';
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN always
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZFg6FLEmYo8OwjDHQqIlp1t8NqVmpX%2FaBLwtIUIvkSz2YUtYLNW0rn03nC3xqKxgubCvc9JJ0BOAei7kkZhmjJAtsHraJYRqOGdxc%2FU1aw91%2BJUuS9x0lT1HH%2Fzyi161HEVuYt6PEi7%2BrokNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 8527bc4ccc474bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.colorbox.js Show response
pdfarsivci.com/wp-content/plugins/youtubefancybox/js/ 29 KB
9 KB 77ms
71ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/plugins/youtubefancybox/js/jquery.colorbox.js?ver=2.6.2
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c92742e4542f6473caa2857bb21894d6004655421bbb09623fdfba0f277156ec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Aug 2021 21:05:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"611d762c-724f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pp%2Fct8rYIcErkVIZ4gcrOiXAhh%2BK4Y9xN4C0JCfoAOcAFzA9ZPsyAvVUxbjzl%2B%2Bqc%2BksNtsmWcuiOEL3qJFPEC4tm1v94q3PXMTZz58lppJ3Sq6X7dz8E6JgwnMUChWZC3A14AAM5W7z%2FBShnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4ccc2c4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 caller.js Show response
pdfarsivci.com/wp-content/plugins/youtubefancybox/js/ 209 B
605 B 71ms
65ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/plugins/youtubefancybox/js/caller.js?ver=2.6.2
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 791ab4512c027fb3741dd66ce6338f882cde799995fd4ae0cc506ca9b7de5990

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Aug 2021 21:05:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"611d762c-d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32PcBnJP1e5NdhroxzU20pAzxo6Ki3ioaJ%2FlvlCixI2%2FCi6hXkZtYYFi%2BRuwVmhcy7R3ncvTKoBqhe6JS1WIlFoh3%2Bh%2Bp8FIYWr04DVQ4stAj%2F7LXxo8PYAMEChbRBdTZeTNV0XjlJlURW6wgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4ccc2d4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 navigation.min.js Show response
pdfarsivci.com/wp-content/themes/freenews/assets/js/ 2 KB
1 KB 69ms
63ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/themes/freenews/assets/js/navigation.min.js?ver=6.2
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a24f65c00a46166e180a3501c19b60562e56362308ea9363130620772de741a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:50:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"6439bc8a-714"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBWMpN%2F8mJlypJ42Kof%2B2Go9Gkwh7kWfhW0qxok%2B4nd%2FM1KLD6MyX5cHXUt5j%2Ba1hsxaphleSm3rNmMGbWFMm8uDbuWSFQn%2Bu9nS77WQoYHwk1fyHZupwCpYA9L1DCemTDmyOmrQmWc947rv5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4ccc2f4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 skip-link-focus-fix.js Show response
pdfarsivci.com/wp-content/themes/freenews/assets/js/ 684 B
868 B 52ms
46ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/themes/freenews/assets/js/skip-link-focus-fix.js?ver=6.2
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25f8d252a34db20e41b9f3fcf51c022ad2f0876bd47be65caba671bb8bad7ccc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:50:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"6439bc8a-2ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shwqS%2Biyv3YNPhQr9nLqyMGUFn6o9PgJ%2FxNmyK9hdxbq%2Bbnp5Z8Pj75VG%2Fk7cfpM7poh8vZ2Ck89ve8MlhyQN6C%2F4%2FJKN02cyw5tpS4I%2FWbrRGf82jhFcUfsXZnTja17qmGGH9x4u1aYbQWRIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4ccc304bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 ResizeSensor.min.js Show response
pdfarsivci.com/wp-content/themes/freenews/assets/library/sticky-sidebar/ 2 KB
1 KB 74ms
69ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/themes/freenews/assets/library/sticky-sidebar/ResizeSensor.min.js?ver=6.2
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f8078d5fa79042c80aff9ac50f962fca0a2461febc620b567e38fff39ddc182

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:50:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"6439bc8a-8ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGx%2B6lSjLUUnLdDxHQqqX6QwJ51d1exkCjFNyazF%2BWF8KFhw6ZOMzphpPZuVT06bXbsXbhTg8CrqqftAIdYP04wTz%2FEsapm%2BRTqloTSY713EW3zDNMvNRjI2%2FoJtT%2F9BCJvlUgI6G0Sc7ayKLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4ccc344bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 theia-sticky-sidebar.min.js Show response
pdfarsivci.com/wp-content/themes/freenews/assets/library/sticky-sidebar/ 5 KB
2 KB 82ms
77ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/themes/freenews/assets/library/sticky-sidebar/theia-sticky-sidebar.min.js?ver=6.2
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:50:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6403
etag: W/"6439bc8a-1535"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tmIycGGK2fFxsgbmxD%2BStbcXeTUY455eunFUBBotkwRG45FZhLahyNT5yskZcDUlGNsKt8liVrKWc7%2BDg%2BEObFThFFUGqFI2B5wBbNvZgBWfNNCw6VqTLl4cdK6ZB9Hm82F66Vo88gxIeVKHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4ccc364bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 slick.min.js Show response
pdfarsivci.com/wp-content/themes/freenews/assets/library/slick/ 43 KB
12 KB 83ms
77ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/themes/freenews/assets/library/slick/slick.min.js?ver=6.2
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:50:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3779
etag: W/"6439bc8a-ab69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFknsFeptvCG5AdGzKSZm4M1P3zywRMEW1w315ROr3uY1c3cwuXoH9XYpYrpN%2BfiPeI%2BL8emgQPIdE64%2BY22D213pDbqie2Eu7VNMphVhaTpRYTG4Rj31f6B4ZdjVMTdMabFRuCh0bj22aPddw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4ccc394bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 slick-settings.js Show response
pdfarsivci.com/wp-content/themes/freenews/assets/library/slick/ 2 KB
1 KB 70ms
65ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/themes/freenews/assets/library/slick/slick-settings.js?ver=6.2
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cba34e474754a973830d7e0c186f151ed6ae190abdcf99efe0561db3b554feb3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:50:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3779
etag: W/"6439bc8a-7f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJAzrgFlvNVrXEyv9Ox6%2FlZm9TW4UBbAgMYTUraBgV5LY3mlsoDI9qblSPQEXl1LLS%2B3cNUjxlByQD2Rhd0AhHHr%2Fe4PgMxWwx%2BL%2FfsU9y5ATGBCoPBraQhC0fmjgwkHPzqC4MZGl9Zx0BhObw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4ccc3d4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.sticky.js Show response
pdfarsivci.com/wp-content/themes/freenews/assets/library/sticky/ 9 KB
3 KB 69ms
64ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/themes/freenews/assets/library/sticky/jquery.sticky.js?ver=6.2
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa6c46550cf58d88334c44050cb9db5a0f693e4f8212a977cd9fdefface9905d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:50:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3779
etag: W/"6439bc8a-2577"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEKDpD0i4WRenuejW%2FZMrsLsPLWhyQNpep63HmmfrJYELURI8kJv5Y209VeapCzlpsuU3ZFIosIMs53ebyuPV%2BCvj7Ry7GRxFkPxzFVRHU7unHPtOMI41f%2BuySEsJiojndB6h7ZutiQ2KD%2F5TA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4ccc404bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 sticky-setting.js Show response
pdfarsivci.com/wp-content/themes/freenews/assets/library/sticky/ 612 B
716 B 65ms
60ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/themes/freenews/assets/library/sticky/sticky-setting.js?ver=6.2
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dc2e74a6570cbeba61f6b688d6300ce9a1a9cd66bc9d77f49c0f704928091df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:50:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3779
etag: W/"6439bc8a-264"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czm9CmgBq6xVeJng%2FNxuQGt8qjmCFv%2BAVvVSNVVtmq96Hgf27vzYKNJRsIRtmN9g0f8OihnVyQI6jZN1sp3p1pkCJxOhfVob4YdLNeNEWk0QUKGR8r3uk%2BcBB1Rl1uXh9abS6bYi9e4aL64Jlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4ccc424bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 comment-reply.min.js Show response
pdfarsivci.com/wp-includes/js/ 3 KB
2 KB 72ms
67ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-includes/js/comment-reply.min.js?ver=6.2
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Jul 2022 19:11:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3779
etag: W/"62d701d4-ba5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hN5tbL2%2BU5rpRh6YwlGjQG66AfSJ%2FBdJtd6x2lTroU1SkhJfaoEI64Bikm3uaaPiMorau19sDoBMr%2FXHkIejt7tqRDNaU2cNCccGKVSRQVVvHprU9AjcBecIeCMZUSvcoeon31yw5Zi3wVqWJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4ccc434bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.marquee.min.js Show response
pdfarsivci.com/wp-content/themes/freenews/assets/library/marquee/ 9 KB
3 KB 68ms
63ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/themes/freenews/assets/library/marquee/jquery.marquee.min.js?ver=6.2
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d759e86165ec9e5f9f5c9775acfe83f2c00833aa1c3522fbede166c38a2205

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:50:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3779
etag: W/"6439bc8a-235d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tR2BVAFpuJP63pNNVJrPX9Fx9fDRzjeZeg3lWuauoNTMw47hQ9rVsnnk%2FIThz62WPtFSktfyHygyvCVOa8ar9G%2BEjlHFsQXwDt4%2Fo3fq1MdNXMJIWUY%2B3facFcc9dnCZf5H5F6eqPQ1Sd%2BCUQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4ccc444bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 marquee-settings.js Show response
pdfarsivci.com/wp-content/themes/freenews/assets/library/marquee/ 455 B
739 B 74ms
68ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/themes/freenews/assets/library/marquee/marquee-settings.js?ver=6.2
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d079e6757ff169b8252a45af5d1773b053f1b35ae7c0f3ae6a7f6a891acc28c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 20:50:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2305
etag: W/"6439bc8a-1c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ux5zF9yVv48Ce1aOzn1jVuw07H21NlylUuSqWBE4rkMBVLwUJ9m70Bxo6xhN%2FtxZIMjgCXaaeKbtLSEK0d55aRuJNiegOrcfyyPIddu%2BWe1imybK9KU023lzk9lgASnxh0ezx4Bd6i4Ay8aUZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4ccc454bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 image.js Show response
pdfarsivci.com/wp-content/plugins/fifu-premium/includes/html/js/ 9 KB
3 KB 71ms
66ms Script
application/javascript 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/plugins/fifu-premium/includes/html/js/image.js?ver=4.8.7
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 722e157ea0af9b8ea5b0f83f61363ca665e0eb2439473267f3663c21b6993cd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Feb 2021 10:07:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2305
etag: W/"6023b068-2201"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BTjNL9VK33JKCrQj5BWZAzX9qUbwlnQun%2FQ3bui22TVoaefVveY6K9gj%2BM8%2FYuF0HSTncs0H9oNTTQlkqXwmzkgoIksefoq3ht8KNkE%2FQoTEV0HFmW3dzRHbd0fWKFz%2BvVLpPbP25qc0mQOUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8527bc4ccc464bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ 488 KB
194 KB 115ms
32ms Script
text/javascript 2607:f8b0:4006:80c::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LffKp8lAAAAAKVgumxF6xDP5XYRfLPm3xkPMlv_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

689c72d7718868395eaf4bbe26e9f52e92f16daaa1d5486b53ae3744a996f1e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pdfarsivci.com/
Origin: https://pdfarsivci.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 17:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198255
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 17:42:55 GMT

GET
H2 200 P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2
fonts.gstatic.com/s/arimo/v29/ 11 KB
11 KB 145ms
81ms Font
font/woff2 2607:f8b0:4006:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v29/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:300,400,700|Arimo&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ee722fbe14fb1d4f9be819f751060dac917300406c95b2aa67289ba7f493b7ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pdfarsivci.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 18:09:41 GMT
x-content-type-options: nosniff
age: 20032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11476
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 18:09:41 GMT

GET
H2 200 NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v26/ 30 KB
30 KB 95ms
32ms Font
font/woff2 2607:f8b0:4006:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:300,400,700|Arimo&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pdfarsivci.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:35:22 GMT
x-content-type-options: nosniff
age: 491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30240
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:13:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 23:35:22 GMT

GET
H3 200 fontawesome-webfont.woff
pdfarsivci.com/wp-content/plugins/vi-random-posts-widget/fonts/ 64 KB
64 KB 56ms
56ms Font
font/woff 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/wp-content/plugins/vi-random-posts-widget/fonts/fontawesome-webfont.woff
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/wp-content/plugins/vi-random-posts-widget/css/font-awesome.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://pdfarsivci.com/wp-content/plugins/vi-random-posts-widget/css/font-awesome.css
Origin: https://pdfarsivci.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:33 GMT
cf-cache-status: HIT
last-modified: Wed, 25 Aug 2021 13:20:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2305
etag: "612643b6-ffac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNx9XDPCXWBr5XNA9qpCMXQ%2BMeVCNBhJDRD2QP6sPtigGGM%2B5g6SrQ9mXHzL%2FQ099vZpEvLVeYDhyrr4Tle0KLNJHhKgr2P93bWcrKlHtZ6gJmD7KFHCehHB6Q%2BRFnDCl2PDMc9LONYOvMJxSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8527bc4cec604bc7-BUF
alt-svc: h3=":443"; ma=86400
content-length: 65452

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/ 406 KB
138 KB 133ms
80ms Script
text/javascript 2607:f8b0:4006:80b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5398203186570714

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

5c4f94735d9994d44714d38814c4e91a1bf7a1a023c2977dbdeea339c2c6f765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140857
x-xss-protection: 0
server: cafe
etag: 716203036265085092
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:43:34 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/ Frame DD71 9 KB
5 KB 105ms
23ms Document
text/html 2607:f8b0:4006:809::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5398203186570714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pdfarsivci.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 74136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 03:07:58 GMT
etag: 3890843268177463596
expires: Thu, 22 Feb 2024 03:07:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame CB0D 44 KB
28 KB 60ms
58ms Document
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LffKp8lAAAAAKVgumxF6xDP5XYRfLPm3xkPMlv_&co=aHR0cHM6Ly9wZGZhcnNpdmNpLmNvbTo0NDM.&hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=opqevol4j6c3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cb6a14b6a80e8edce376d6d71f1327500dfe5054632e1ccea9410b486e46bba6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6E2yAjgO2qjKF7c2E2Vyxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pdfarsivci.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6E2yAjgO2qjKF7c2E2Vyxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 23:43:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 52E1 8 KB
960 B 154ms
153ms Document
text/html 2607:f8b0:4006:809::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5398203186570714&output=html&adk=1812271804&adf=3025194257&lmt=1707435814&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpdfarsivci.com%2Fachorary-revolt-at-toshiba.html&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6~9~10&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707435814221&bpp=8&bdt=516&idt=405&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3541871787075&frm=20&pv=2&ga_vid=1560899806.1707435815&ga_sid=1707435815&ga_hid=288349158&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080947%2C95323761%2C95324155%2C95324160%2C95324263&oid=2&pvsid=1815104564923351&tmod=1315069784&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=450

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

4f3ba39c29c06f26f157c5ed22834d97ab812050cf17e6161539cd2438966173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pdfarsivci.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 758
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 23:43:34 GMT
expires: Thu, 08 Feb 2024 23:43:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C7E9 123 KB
41 KB 987ms
984ms Document
text/html 2607:f8b0:4006:809::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5398203186570714&output=html&h=280&slotname=8986458836&adk=306263318&adf=3239972223&pi=t.ma~as.8986458836&w=336&lmt=1707435814&format=336x280&url=https%3A%2F%2Fpdfarsivci.com%2Fachorary-revolt-at-toshiba.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707435814229&bpp=2&bdt=523&idt=451&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3541871787075&frm=20&pv=1&ga_vid=1560899806.1707435815&ga_sid=1707435815&ga_hid=288349158&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080947%2C95323761%2C95324155%2C95324160%2C95324263&oid=2&pvsid=1815104564923351&tmod=1315069784&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=464

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

49dba3cdf9da16880fd287ac6dca52030210f6f4e7b66e627ea634afbbbe2bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pdfarsivci.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42085
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 23:43:35 GMT
expires: Thu, 08 Feb 2024 23:43:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame CB0D 55 KB
24 KB 85ms
26ms Stylesheet
text/css 2607:f8b0:4006:80c::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LffKp8lAAAAAKVgumxF6xDP5XYRfLPm3xkPMlv_&co=aHR0cHM6Ly9wZGZhcnNpdmNpLmNvbTo0NDM.&hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=opqevol4j6c3

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 20:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 20:59:27 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame CB0D 488 KB
194 KB 81ms
24ms Script
text/javascript 2607:f8b0:4006:80c::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

689c72d7718868395eaf4bbe26e9f52e92f16daaa1d5486b53ae3744a996f1e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 17:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198255
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 17:42:55 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F559 121 KB
41 KB 892ms
879ms Document
text/html 2607:f8b0:4006:809::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5398203186570714&output=html&h=280&slotname=6018431983&adk=1454730318&adf=2758199591&pi=t.ma~as.6018431983&w=336&lmt=1707435814&format=336x280&url=https%3A%2F%2Fpdfarsivci.com%2Fachorary-revolt-at-toshiba.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707435814231&bpp=1&bdt=525&idt=483&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=3541871787075&frm=20&pv=1&ga_vid=1560899806.1707435815&ga_sid=1707435815&ga_hid=288349158&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080947%2C95323761%2C95324155%2C95324160%2C95324263&oid=2&pvsid=1815104564923351&tmod=1315069784&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7b5323d1ededefbfd3f85b8902786ae71b4cb7e1867b05116a08d3a4126ea2a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pdfarsivci.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41852
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 23:43:35 GMT
expires: Thu, 08 Feb 2024 23:43:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B791 108 KB
40 KB 593ms
592ms Document
text/html 2607:f8b0:4006:809::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5398203186570714&output=html&h=280&slotname=3799500742&adk=1344493843&adf=591269790&pi=t.ma~as.3799500742&w=336&lmt=1707435814&format=336x280&url=https%3A%2F%2Fpdfarsivci.com%2Fachorary-revolt-at-toshiba.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707435814233&bpp=1&bdt=527&idt=512&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=3541871787075&frm=20&pv=1&ga_vid=1560899806.1707435815&ga_sid=1707435815&ga_hid=288349158&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=972&ady=437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080947%2C95323761%2C95324155%2C95324160%2C95324263&oid=2&pvsid=1815104564923351&tmod=1315069784&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=522

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

fd4cddd0ea9f0e8c581af2febdbf665eeed86459eb8efaee86c40d7987417173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pdfarsivci.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41287
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 23:43:35 GMT
expires: Thu, 08 Feb 2024 23:43:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-5398203186570714 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 162ms
70ms Script
application/javascript 2607:f8b0:4006:824::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5398203186570714?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

ee51889876a47d029eefdd73d6d0e0951620d2240c46b67844b2421fd06944f3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-yAs9LrBXncZsVE4ey2sagg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-yAs9LrBXncZsVE4ey2sagg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj2sKoxSXF4KUhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePB8ub8OmsfBHTWePqprMWADHfuumshuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWECD-nDmD9TcQ-9TPYI0D4rLb51jrgFiIm2P5uanr2AQ2vJ_FCgAFfVMT"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 NJoY_V4jI6PkkmceXDBS3pUujDrlmaNXUDelo4JV6T4.js Show response
www.google.com/js/bg/ Frame CB0D 17 KB
7 KB 33ms
32ms Script
text/javascript 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/NJoY_V4jI6PkkmceXDBS3pUujDrlmaNXUDelo4JV6T4.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

349a18fd5e2323a3e492671e5c3052de952e8c3ae599a3575037a5a38255e93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LffKp8lAAAAAKVgumxF6xDP5XYRfLPm3xkPMlv_&co=aHR0cHM6Ly9wZGZhcnNpdmNpLmNvbTo0NDM.&hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=opqevol4j6c3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 23:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6860
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 23:56:07 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame CB0D 2 KB
2 KB 27ms
26ms Image
image/png 2607:f8b0:4006:80c::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 09:15:04 GMT
x-content-type-options: nosniff
age: 52110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 15 Feb 2024 09:15:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CB0D 15 KB
15 KB 37ms
32ms Font
font/woff2 2607:f8b0:4006:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 09:15:49 GMT
x-content-type-options: nosniff
age: 52065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 09:15:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CB0D 15 KB
15 KB 26ms
25ms Font
font/woff2 2607:f8b0:4006:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 09:12:27 GMT
x-content-type-options: nosniff
age: 52267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 09:12:27 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame CB0D 102 B
135 B 47ms
46ms Other
text/javascript 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

99953d3788a76b3b5392d7c3c2fc57a741f5d5c2b263616fdd07938aa2aa1b5b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LffKp8lAAAAAKVgumxF6xDP5XYRfLPm3xkPMlv_&co=aHR0cHM6Ly9wZGZhcnNpdmNpLmNvbTo0NDM.&hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=opqevol4j6c3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 08 Feb 2024 23:43:35 GMT

GET
H2 200 AGSKWxWM3Dx8pxsw1I4jvJvD0E9qBDZvsZbquX8NcGUumFphAveWn_yzY9wb4uXwdtlXfTeEFioI74Atnd4XqWjadowqVTE8-8H56re6s4BtWShrj2gkwPtpujdjKb3GqFETk0uVKDBjBA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 62ms
60ms Script
application/javascript 2607:f8b0:4006:824::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWM3Dx8pxsw1I4jvJvD0E9qBDZvsZbquX8NcGUumFphAveWn_yzY9wb4uXwdtlXfTeEFioI74Atnd4XqWjadowqVTE8-8H56re6s4BtWShrj2gkwPtpujdjKb3GqFETk0uVKDBjBA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3NDM1ODE1LDEzNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wZGZhcnNpdmNpLmNvbS9hY2hvcmFyeS1yZXZvbHQtYXQtdG9zaGliYS5odG1sIixudWxsLFtbOCwiamNrRkVOZ0tCRnMiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jckFENgKBFs.es5.O/am=wA/d=1/rs=AJlcJMyOaDj6WQrQqPMlQyoi_v5YRvjdlQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

6f98de269105c04d9d750ea409127b9d119a42790a34c3377754777c8245ebe7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oJ4IgSEePEDwNKak9XY0aQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-oJ4IgSEePEDwNKak9XY0aQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsOoxSXF4K0hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQPistvnWOuAWIibY_m5qevYBCY8ORIGAF_WTlQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxU-C1AzxtgM8jeliZz1On5x4GGiMG8bzIu3tqvnvQme0qkSBx-3AczXctr60YQlanTPa1eKHIUWUNpC3NYes5EY88E261isErSSE3Vpz132BBUpULy_dEzN1qUdQQ8ig1_P6zNjkA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 72ms
71ms Script
application/javascript 2607:f8b0:4006:824::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU-C1AzxtgM8jeliZz1On5x4GGiMG8bzIu3tqvnvQme0qkSBx-3AczXctr60YQlanTPa1eKHIUWUNpC3NYes5EY88E261isErSSE3Vpz132BBUpULy_dEzN1qUdQQ8ig1_P6zNjkA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3NDM1ODE1LDI0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcGRmYXJzaXZjaS5jb20vYWNob3JhcnktcmV2b2x0LWF0LXRvc2hpYmEuaHRtbCIsbnVsbCxbWzgsImpja0ZFTmdLQkZzIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

21e146c8bcdf92f39b02ab0168fe363db6c9b0c0269115ffc6ebf31a0f396f76

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eUdIEd_ACPtvSTz8NbzaEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-eUdIEd_ACPtvSTz8NbzaEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsOoxSXF4KghxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQPistvnWOuAWIiHY_m5qevYBDqu7O5jBACnCU5j"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 15236799504592075381
tpc.googlesyndication.com/simgad/ Frame B791 45 KB
45 KB 131ms
49ms Image
image/jpeg 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15236799504592075381?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qklNkQspqzKFJjqLi1iCFl7r2Oi2g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5398203186570714&output=html&h=280&slotname=3799500742&adk=1344493843&adf=591269790&pi=t.ma~as.3799500742&w=336&lmt=1707435814&format=336x280&url=https%3A%2F%2Fpdfarsivci.com%2Fachorary-revolt-at-toshiba.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707435814233&bpp=1&bdt=527&idt=512&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=3541871787075&frm=20&pv=1&ga_vid=1560899806.1707435815&ga_sid=1707435815&ga_hid=288349158&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=972&ady=437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080947%2C95323761%2C95324155%2C95324160%2C95324263&oid=2&pvsid=1815104564923351&tmod=1315069784&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=522

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

89d02c9f80bf5d586d78c9254c63cc1dfeffdcd9aaedb5666920f9dac9b691b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 15:36:58 GMT
x-content-type-options: nosniff
age: 547597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45805
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 14:17:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 01 Feb 2025 15:36:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame B791 23 KB
9 KB 114ms
32ms Script
text/javascript 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame B791 3 KB
1 KB 53ms
47ms Script
text/javascript 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame B791 20 KB
9 KB 109ms
28ms Script
text/javascript 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:18 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B791 205 KB
65 KB 134ms
44ms Script
text/javascript 2607:f8b0:4006:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66416
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707309907044448"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:43:35 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame B791 36 KB
15 KB 84ms
79ms Script
text/javascript 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

083453bf4d12b9c46f44e3b434994e63ab8d8507300e67eaa25d9c7a9c0354bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14866
x-xss-protection: 0
server: cafe
etag: 15811255140505289687
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:46:40 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 65F9 143 B
166 B 35ms
26ms Document
text/html 2607:f8b0:4006:809::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5398203186570714&output=html&h=280&slotname=3799500742&adk=1344493843&adf=591269790&pi=t.ma~as.3799500742&w=336&lmt=1707435814&format=336x280&url=https%3A%2F%2Fpdfarsivci.com%2Fachorary-revolt-at-toshiba.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707435814233&bpp=1&bdt=527&idt=512&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=3541871787075&frm=20&pv=1&ga_vid=1560899806.1707435815&ga_sid=1707435815&ga_hid=288349158&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=972&ady=437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080947%2C95323761%2C95324155%2C95324160%2C95324263&oid=2&pvsid=1815104564923351&tmod=1315069784&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=522
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 23:26:59 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B791 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e8bfc03cfd06ec795543dc10d8b7f35485f32b6571602ae6c914ce0d27fd28d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 65F9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

145ms
110ms

Document
text/html

2607:f8b0:4006:809::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 23:43:35 GMT
expires: Thu, 08 Feb 2024 23:43:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 23:43:35 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame F559 14 KB
1 KB 101ms
26ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5398203186570714&output=html&h=280&slotname=6018431983&adk=1454730318&adf=2758199591&pi=t.ma~as.6018431983&w=336&lmt=1707435814&format=336x280&url=https%3A%2F%2Fpdfarsivci.com%2Fachorary-revolt-at-toshiba.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707435814231&bpp=1&bdt=525&idt=483&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=3541871787075&frm=20&pv=1&ga_vid=1560899806.1707435815&ga_sid=1707435815&ga_hid=288349158&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080947%2C95323761%2C95324155%2C95324160%2C95324263&oid=2&pvsid=1815104564923351&tmod=1315069784&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=491

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0f179eba989a5d55300cbb2fbb9381421109c1ab9b099ebacb3dc91f6e62a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Feb 2024 23:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 22:10:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Feb 2024 23:43:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame F559 2 KB
903 B 88ms
14ms Script
text/javascript 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:44:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:44:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame F559 23 KB
9 KB 67ms
12ms Script
text/javascript 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame F559 3 KB
1 KB 68ms
13ms Script
text/javascript 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame F559 20 KB
8 KB 65ms
10ms Script
text/javascript 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:18 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F559 205 KB
65 KB 109ms
0ms Script
text/javascript 2607:f8b0:4006:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66416
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707309907044448"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:43:35 GMT

GET
H3 200 7b5e6815b417a6dcda76775ec840e2bc.js Show response
www.gstatic.com/mysidia/ Frame F559 37 KB
15 KB 120ms
84ms Script
text/javascript 2607:f8b0:4006:80c::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 20:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15515
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 20:10:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 May 2024 20:29:00 GMT

GET
H2 200 2398034351986173227
tpc.googlesyndication.com/simgad/8073924967853152049/ Frame F559 6 KB
6 KB 83ms
0ms Image
image/jpeg 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8073924967853152049/2398034351986173227

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6d5080d467ae9ed6a8acf69e2e8d1aad25969ee1da3951fb433abc56f08d57de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Tue, 04 Feb 2025 08:18:03 GMT
date: Mon, 05 Feb 2024 08:18:03 GMT
x-content-type-options: nosniff
age: 314732
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5755
x-xss-protection: 0
last-modified: Sun, 26 Nov 2023 22:49:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 4951700516244967416
tpc.googlesyndication.com/simgad/ Frame F559 45 KB
45 KB 113ms
0ms Image
image/png 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4951700516244967416

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6a72018a502fa72bb1450f1a8b87933f6f9c3059da0aceb62db6f7cb89ff611c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 23:28:42 GMT
date: Thu, 08 Feb 2024 23:28:42 GMT
x-content-type-options: nosniff
age: 893
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46057
x-xss-protection: 0
last-modified: Tue, 26 Dec 2023 09:19:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 css
fonts.googleapis.com/ Frame C7E9 6 KB
728 B 111ms
58ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5398203186570714&output=html&h=280&slotname=8986458836&adk=306263318&adf=3239972223&pi=t.ma~as.8986458836&w=336&lmt=1707435814&format=336x280&url=https%3A%2F%2Fpdfarsivci.com%2Fachorary-revolt-at-toshiba.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707435814229&bpp=2&bdt=523&idt=451&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3541871787075&frm=20&pv=1&ga_vid=1560899806.1707435815&ga_sid=1707435815&ga_hid=288349158&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080947%2C95323761%2C95324155%2C95324160%2C95324263&oid=2&pvsid=1815104564923351&tmod=1315069784&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=464

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Feb 2024 23:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 21:50:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Feb 2024 23:43:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame C7E9 2 KB
822 B 81ms
29ms Script
text/javascript 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:44:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:44:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame C7E9 23 KB
9 KB 123ms
94ms Script
text/javascript 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:53 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame C7E9 3 KB
1 KB 127ms
100ms Script
text/javascript 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame C7E9 20 KB
8 KB 87ms
35ms Script
text/javascript 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:18 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C7E9 205 KB
65 KB 114ms
62ms Script
text/javascript 2607:f8b0:4006:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66416
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707309907044448"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:43:35 GMT

GET
H3 200 7b5e6815b417a6dcda76775ec840e2bc.js Show response
www.gstatic.com/mysidia/ Frame C7E9 37 KB
15 KB 67ms
39ms Script
text/javascript 2607:f8b0:4006:80c::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 20:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15515
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 20:10:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 May 2024 20:29:00 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/14948050109721262277/ Frame C7E9 35 KB
35 KB 100ms
93ms Image
image/jpeg 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14948050109721262277/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5e89f1a7aea0ba7312a02b1a4c44914db06d73027338ee77c06a572d24006429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 20:46:00 GMT
date: Thu, 08 Feb 2024 20:46:00 GMT
x-content-type-options: nosniff
age: 10655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35948
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 19:55:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame C7E9 220 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd06c58aba90b8c7532d83473adf084836b35409d7e6af115bd7180440e534aa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F559 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25a5e3e0ef672707e3964864d0f2efcdc0929f4358f0cdedff04c415f446dffa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B791
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C1fCgJmfFZcHFMamD3rsPl5aO-A7cy7_adfCOtaGXEtK2koKfDhABILe63Sdgye6Oi8CkjBCgAZ6R-p0qyAECqAMByAPJBKoEmwJP0JxemtORzsfDioLVbvXL1iGxX0ZiIG4GBCpi7FxaCZc...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x40a6633e790dd58c0000000000000000%22,%222%22:%220x7deb40f84d195bfa0000000000000000%22,%223%22:%220x2b1d63...

0
0

124ms
59ms

Fetch
text/css

142.251.40.226

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x40a6633e790dd58c0000000000000000%22,%222%22:%220x7deb40f84d195bfa0000000000000000%22,%223%22:%220x2b1d63d3c5e2311e0000000000000000%22,%224%22:%220xe3d0776d590efdfb0000000000000000%22,%225%22:%220x4ee4d60adc514e780000000000000000%22},%22debug_key%22:%227672828579670676251%22,%22debug_reporting%22:true,%22destination%22:%22https://lifestylealive.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211337107614%22],%2222%22:[%22true%22],%224%22:[%2202-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227378149300301256705%22}&andc=true

Requested by

Host: pdfarsivci.com
URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html

Protocol

Server

142.251.40.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:36 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x40a6633e790dd58c0000000000000000","2":"0x7deb40f84d195bfa0000000000000000","3":"0x2b1d63d3c5e2311e0000000000000000","4":"0xe3d0776d590efdfb0000000000000000","5":"0x4ee4d60adc514e780000000000000000"},"debug_key":"7672828579670676251","debug_reporting":true,"destination":"https://lifestylealive.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11337107614"],"22":["true"],"4":["02-08"],"6":["true"]},"priority":"500","source_event_id":"7378149300301256705"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Feb 2024 23:43:36 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 08 Feb 2024 23:43:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x40a6633e790dd58c0000000000000000","2":"0x7deb40f84d195bfa0000000000000000","3":"0x2b1d63d3c5e2311e0000000000000000","4":"0xe3d0776d590efdfb0000000000000000","5":"0x4ee4d60adc514e780000000000000000"},"debug_key":"7672828579670676251","debug_reporting":true,"destination":"https://lifestylealive.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11337107614"],"22":["true"],"4":["02-08"],"6":["true"]},"priority":"500","source_event_id":"7378149300301256705"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D30 51 KB
19 KB 46ms
43ms Script
text/javascript 2607:f8b0:4006:80b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:19:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19835
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 17:19:35 GMT

GET
DATA 200
OK truncated
/ Frame C7E9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8ba6ccaef913364bc957ac5e2a4f266052c058d3277eba0af7e72912ea16071

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C7E9 15 KB
15 KB 39ms
38ms Font
font/woff2 2607:f8b0:4006:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 04:14:19 GMT
x-content-type-options: nosniff
age: 156557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2025 04:14:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C7E9 15 KB
16 KB 35ms
34ms Font
font/woff2 2607:f8b0:4006:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:28:28 GMT
x-content-type-options: nosniff
age: 198908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 16:28:28 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C7E9 15 KB
15 KB 45ms
45ms Font
font/woff2 2607:f8b0:4006:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 09:24:01 GMT
x-content-type-options: nosniff
age: 51575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 09:24:01 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame F559 33 KB
33 KB 55ms
54ms Font
font/woff2 2607:f8b0:4006:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 18:24:54 GMT
x-content-type-options: nosniff
age: 19122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 18:24:54 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame CB0D 14 KB
10 KB 94ms
82ms XHR
application/json 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LffKp8lAAAAAKVgumxF6xDP5XYRfLPm3xkPMlv_

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d1e72f6514e8f4b0dc8ca958ec1af4c6127613e5e67cf06f102e070373954434

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LffKp8lAAAAAKVgumxF6xDP5XYRfLPm3xkPMlv_&co=aHR0cHM6Ly9wZGZhcnNpdmNpLmNvbTo0NDM.&hl=en&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=opqevol4j6c3
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 08 Feb 2024 23:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 08 Feb 2024 23:43:36 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 291ms
51ms Preflight
text/html 142.251.40.226

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 08 Feb 2024 23:43:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C7E9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C0uypJmfFZaiMLpmC3rsP7MOX2Ar435zUdb-Etsq4EoTpiMqUDhABILe63Sdgye6Oi8CkjBCgAZyjndIqyAEJqQIMeMBLZ0WSPqgDAcgDywSqBLECT9BLKyQES2wb9RPdp_DK5irq2CMEop7...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x36ed96f805c19bd50000000000000000%22,%222%22:%220xc799dac714f3ca9d0000000000000000%22,%223%22:%220x72d13c...

0
0

114ms
58ms

Fetch
text/css

142.251.40.226

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x36ed96f805c19bd50000000000000000%22,%222%22:%220xc799dac714f3ca9d0000000000000000%22,%223%22:%220x72d13c18fce38aaf0000000000000000%22,%224%22:%220x480d4844892138c10000000000000000%22,%225%22:%220xfd9e89b9371264a20000000000000000%22},%22debug_key%22:%227577201945500636312%22,%22debug_reporting%22:true,%22destination%22:%22https://seritas.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211446735260%22],%2222%22:[%22true%22],%224%22:[%2202-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221560844905221314017%22}&andc=true

Protocol

Server

142.251.40.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:36 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x36ed96f805c19bd50000000000000000","2":"0xc799dac714f3ca9d0000000000000000","3":"0x72d13c18fce38aaf0000000000000000","4":"0x480d4844892138c10000000000000000","5":"0xfd9e89b9371264a20000000000000000"},"debug_key":"7577201945500636312","debug_reporting":true,"destination":"https://seritas.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11446735260"],"22":["true"],"4":["02-08"],"6":["true"]},"priority":"500","source_event_id":"1560844905221314017"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Feb 2024 23:43:36 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 08 Feb 2024 23:43:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x36ed96f805c19bd50000000000000000","2":"0xc799dac714f3ca9d0000000000000000","3":"0x72d13c18fce38aaf0000000000000000","4":"0x480d4844892138c10000000000000000","5":"0xfd9e89b9371264a20000000000000000"},"debug_key":"7577201945500636312","debug_reporting":true,"destination":"https://seritas.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11446735260"],"22":["true"],"4":["02-08"],"6":["true"]},"priority":"500","source_event_id":"1560844905221314017"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F559
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ckz3mJmfFZY-nMKWJ3rsP-PuekA2XyLuNdcDl8ML3EfTnpNiVDhABILe63Sdgye6Oi8CkjBCgAcm6_-woyAEBqQJfQ9rJgweyPqgDAcgDywSqBJsCT9BN2d47W8F0JQlDet_HQhKRTsjBKzN...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1f488a9e7cae414a0000000000000000%22,%222%22:%220xeeaf74d2b66a55b90000000000000000%22,%223%22:%220xc57175...

0
0

112ms
57ms

Fetch
text/css

142.251.40.226

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1f488a9e7cae414a0000000000000000%22,%222%22:%220xeeaf74d2b66a55b90000000000000000%22,%223%22:%220xc571754ceecf5eba0000000000000000%22,%224%22:%220xe0ee326f7d043d220000000000000000%22,%225%22:%220x9e4f17797101dd520000000000000000%22},%22debug_key%22:%2218145349876597218382%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210965998921%22],%2222%22:[%22true%22],%224%22:[%2202-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229145365378244222737%22}&andc=true

Protocol

Server

142.251.40.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:36 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x1f488a9e7cae414a0000000000000000","2":"0xeeaf74d2b66a55b90000000000000000","3":"0xc571754ceecf5eba0000000000000000","4":"0xe0ee326f7d043d220000000000000000","5":"0x9e4f17797101dd520000000000000000"},"debug_key":"18145349876597218382","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10965998921"],"22":["true"],"4":["02-08"],"6":["true"]},"priority":"500","source_event_id":"9145365378244222737"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Feb 2024 23:43:36 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 08 Feb 2024 23:43:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x1f488a9e7cae414a0000000000000000","2":"0xeeaf74d2b66a55b90000000000000000","3":"0xc571754ceecf5eba0000000000000000","4":"0xe0ee326f7d043d220000000000000000","5":"0x9e4f17797101dd520000000000000000"},"debug_key":"18145349876597218382","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10965998921"],"22":["true"],"4":["02-08"],"6":["true"]},"priority":"500","source_event_id":"9145365378244222737"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 75ms
70ms XHR
application/json 2607:f8b0:4006:80b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7d475cbbf27ee650ad28e06d88fa100f4720625126d8f61fdc8e614614bcaf4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12361
x-xss-protection: 0

GET
H3 200 s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js Show response
pagead2.googlesyndication.com/bg/ Frame ECB0 51 KB
19 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:80b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:19:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19835
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 17:19:35 GMT

GET
H3 200 s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js Show response
pagead2.googlesyndication.com/bg/ Frame E715 51 KB
19 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:80b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:19:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19835
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 17:19:35 GMT

GET
H3 200 ad.epl Show response
fundingchoicesmessages.google.com/f/AGSKWxXxFJ0B0Ts3pgyOSVnJ5CPV3jhHhDecbFFeIE7YzLY_oNsUWWDIRxMGnICUFlwJXHb2cEyDOZMVhMjJrziuPeE-AHA-NFLdH24_r6wmeIxbq5_9VdRvpcxbgqLqZIULUpSTIvCE08vT_p9au-fu1xzvIZZPt... 54 B
110 B 52ms
51ms Script
application/javascript 2607:f8b0:4006:824::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXxFJ0B0Ts3pgyOSVnJ5CPV3jhHhDecbFFeIE7YzLY_oNsUWWDIRxMGnICUFlwJXHb2cEyDOZMVhMjJrziuPeE-AHA-NFLdH24_r6wmeIxbq5_9VdRvpcxbgqLqZIULUpSTIvCE08vT_p9au-fu1xzvIZZPt-m_SlP99Tr8_c8nKohbPI8poOXk04xh/_/ads/head..lazyload-ad-/ad.epl?/ads.png/adswide.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jckFENgKBFs.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzagGqXr5oFhEL1_4sxa-2Z-JQzpg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

90cc7d5f67c37f49c75d35a912d7cd82edf84e3217546a68091f9da2925f4a32

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0aYlRspdhPw2lBFLq9dnDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-0aYlRspdhPw2lBFLq9dnDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsOoxSXF4KIhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQPistvnWOuAWIiHY8W5qevYBG6s37uQEQCqXk6n"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 65 KB
24 KB 31ms
30ms Script
text/javascript 2607:f8b0:4006:80b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

4d8422717684d38a8c50ce8bee6dd6b573edd07902908d8956e5c5720a1e44a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:38:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 331
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24651
x-xss-protection: 0
server: cafe
etag: 1327764161256606968
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 00:38:05 GMT

POST
H3 204 AGSKWxWFtbOBkPSXJeVIAbBFZBSh6GAN_RDUO405W0Ylz79ntqxpm-d0lQtDCGVjcHkDubmoebqQqZxrExnK3K6RXU-12vV6cauXOH8gG9AXKCiZMzG2j239n1p5eKGqdNtLpnAGcJVKyw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 113ms
50ms XHR
text/html 2607:f8b0:4006:824::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWFtbOBkPSXJeVIAbBFZBSh6GAN_RDUO405W0Ylz79ntqxpm-d0lQtDCGVjcHkDubmoebqQqZxrExnK3K6RXU-12vV6cauXOH8gG9AXKCiZMzG2j239n1p5eKGqdNtLpnAGcJVKyw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LAzN8-xD8NAkUu4lg0YZQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pdfarsivci.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Feb 2024 23:43:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-LAzN8-xD8NAkUu4lg0YZQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmLw0ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBCX3T7HWgfEQjwcK85NXccmsOP6132MAOvUHTs"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://pdfarsivci.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 162ms
52ms Preflight
text/html 142.251.40.226

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 08 Feb 2024 23:43:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 145ms
59ms Preflight
text/html 142.251.40.226

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 08 Feb 2024 23:43:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 48ms
46ms Script
text/javascript 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 23:43:36 GMT

POST
H3 200 verify_captcha.php Show response
pdfarsivci.com/ 11 B
432 B 467ms
466ms XHR
text/html 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/verify_captcha.php
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/js-8/bdt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b0644f3b8991802672fe2bae893536968a5a3ed24173f8988d83bf432e3665d

Request headers

Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 08 Feb 2024 23:43:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCDeNa6RL9O9DGzfCqMrmasWlqTXxReQVnr2xK51nHSf1VRZCkuj2X1E3pZU9JUyt7oN2JBp6IDoDn8ri3jpvmFe%2Fx%2FT7gpix7hpJVm5fo40I%2BU91%2Bsg%2B0bJlqAyi6IJ3uinFwdgpzFl1ig1Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 8527bc5d39d04bc7-BUF
alt-svc: h3=":443"; ma=86400

POST
H3 200 verify_captcha.php Show response
pdfarsivci.com/ 11 B
503 B 671ms
670ms XHR
text/html 2606:4700:3037::6815:5003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdfarsivci.com/verify_captcha.php
Requested by: Host: pdfarsivci.com
URL: https://pdfarsivci.com/js-8/bdt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edaa92621e65c81c9d6ee89f3fa39d3f63c42fdf0fb91e47fd2f9583469c0609

Request headers

Referer: https://pdfarsivci.com/achorary-revolt-at-toshiba.html
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 08 Feb 2024 23:43:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CsEHgGYBSI4zMRAJ3%2FSWSxdElZftz%2B%2B07t4p1Km0gPpd3p4RIZllG2GQ7Dl%2BJf6YRuSvpG6WxX97Dr8G4htzcSMFOSgSAUO2Zv2KV47UM8k0HMFZUm1TBE12PX1XoGzWfZhh%2FDiDA9KEqnbnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 8527bc5d49d14bc7-BUF
alt-svc: h3=":443"; ma=86400

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWFtbOBkPSXJeVIAbBFZBSh6GAN_RDUO405W0Ylz79ntqxpm-d0lQtDCGVjcHkDubmoebqQqZxrExnK3K6RXU-12vV6cauXOH8gG9AXKCiZMzG2j239n1p5eKGqdNtLpnAGcJVKyw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AQG0kRe_luO2825xa4-BNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pdfarsivci.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Feb 2024 23:43:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-AQG0kRe_luO2825xa4-BNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmJw05BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBCX3T7HWgfEQjwcK85NXccmMONpUycTAOgGHHw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://pdfarsivci.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWFtbOBkPSXJeVIAbBFZBSh6GAN_RDUO405W0Ylz79ntqxpm-d0lQtDCGVjcHkDubmoebqQqZxrExnK3K6RXU-12vV6cauXOH8gG9AXKCiZMzG2j239n1p5eKGqdNtLpnAGcJVKyw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dSfBtfYRLi8cUQXRV2KNeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pdfarsivci.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Feb 2024 23:43:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dSfBtfYRLi8cUQXRV2KNeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctDikmLw05BiWMy_i6mW4RlTKxAz_nnBxAnE7yRfMX0D4h0-HixTAmewzgFip_QZrCFAXHb7HGsdEAvxcKw4N3Udm8CDN4d6mABU6h6I"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://pdfarsivci.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWFtbOBkPSXJeVIAbBFZBSh6GAN_RDUO405W0Ylz79ntqxpm-d0lQtDCGVjcHkDubmoebqQqZxrExnK3K6RXU-12vV6cauXOH8gG9AXKCiZMzG2j239n1p5eKGqdNtLpnAGcJVKyw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lETWCiL-meNNT2avVuUGMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pdfarsivci.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Feb 2024 23:43:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-lETWCiL-meNNT2avVuUGMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmLw0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBCX3T7HWgfEQjwcK85NXccm8KHnTw8TAOpaHPo"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://pdfarsivci.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUwyw-0JVttQiEQhMC7jsKUoUr6EEwTqxzvznD2oWsIxvY-Jv6zb0hyPHKSce-SBbHmS1NhNmu8O0R-Q5tLi-9_VJyxS2rwuXAsLwx212oUvnd4pFEOH-JeJR0px8NT37_d06lKTQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 60ms
59ms Script
application/javascript 2607:f8b0:4006:824::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUwyw-0JVttQiEQhMC7jsKUoUr6EEwTqxzvznD2oWsIxvY-Jv6zb0hyPHKSce-SBbHmS1NhNmu8O0R-Q5tLi-9_VJyxS2rwuXAsLwx212oUvnd4pFEOH-JeJR0px8NT37_d06lKTQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3NDM1ODE2LDUzOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wZGZhcnNpdmNpLmNvbS9hY2hvcmFyeS1yZXZvbHQtYXQtdG9zaGliYS5odG1sIixudWxsLFtbOCwiamNrRkVOZ0tCRnMiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

734805f6ef2a628820ab273d6600ef790cb6887b4bef6d65fe9a3043f65aa7e8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YwcxVs-VyqCUCwPHm91DCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-YwcxVs-VyqCUCwPHm91DCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsOoxSXF4K0hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQPistvnWOuAWIiHY8W5qevYBDZMOzmVCQCuOU5u"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CB84 13 KB
5 KB 37ms
34ms Document
text/html 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pdfarsivci.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 12916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 20:08:21 GMT
expires: Fri, 07 Feb 2025 20:08:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5E7C 829 B
557 B 54ms
52ms Document
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1df6abfbcffaf65a44ff948bb9735fa290580f9c591e9c73d57f9fe43bf862eb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yNYklua2LMn4cHI-dA_tnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pdfarsivci.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-yNYklua2LMn4cHI-dA_tnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 23:43:37 GMT
expires: Thu, 08 Feb 2024 23:43:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 AGSKWxUend896DHa0Fma2GsdEU3VtQ9e1-bj9IhKId2Kvv0mRRD3fmulN1PJ2yJSoX2F7pL2vKSoE51Ua0mps_Bln7UFlf1xJPn0A3qK5Krp8kh5gSAuLvkOe0qLgCC-5N3mBwlNZj2-ng== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 48ms
48ms XHR
text/html 2607:f8b0:4006:824::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUend896DHa0Fma2GsdEU3VtQ9e1-bj9IhKId2Kvv0mRRD3fmulN1PJ2yJSoX2F7pL2vKSoE51Ua0mps_Bln7UFlf1xJPn0A3qK5Krp8kh5gSAuLvkOe0qLgCC-5N3mBwlNZj2-ng==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-URFE7LhPzassTJKtAva2Ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pdfarsivci.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Feb 2024 23:43:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-URFE7LhPzassTJKtAva2Ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmJw0ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBCX3T7HWgfEQjwcK85NXccmMGPt3_9MAOj3HTM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://pdfarsivci.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWFtbOBkPSXJeVIAbBFZBSh6GAN_RDUO405W0Ylz79ntqxpm-d0lQtDCGVjcHkDubmoebqQqZxrExnK3K6RXU-12vV6cauXOH8gG9AXKCiZMzG2j239n1p5eKGqdNtLpnAGcJVKyw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-P93GKkqMVxhkSuSwF0gvqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pdfarsivci.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Feb 2024 23:43:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-P93GKkqMVxhkSuSwF0gvqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmLw1ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBCX3T7HWgfEQjwcK85NXccmMOPK2wZmAOrcHNU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://pdfarsivci.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B791 42 B
64 B 90ms
90ms Fetch
image/gif 2607:f8b0:4006:80b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssiq6rt0qcsHgx9v2sZ6UvQrxbX4docAFRM0JANNjc8PzUBpz9fWbDGCXfiZ7IoGEGnJSmNr_PkrC7BTOTF1PPnb8ONTbF6Mlaa8IpvCh3fy1scVn4WIS2gLta68LhWk_iSCb9SMuCEaGmm_5_hyqPU4a2wJc-mmCU&sai=AMfl-YQM7b2CjAKvzHVVjdRUpLL77eNYyMaTJyhgxTwPzQllhf9_ku1lTiMceWFJUOz47hQnoNDLuigIhRkQ8XlPIMzMFC_PgFjijoRrgun4eyUJHIzSjuM0BTNyzdqy4wPIWnqcY0J1OIA8gGSWHY_aOw&sig=Cg0ArKJSzJUjr-3ztpv7EAE&cid=CAQSTwAvHhf_TkJuAOk8pPNyr7zmq1PN-DhEq0jC-AaSEGqIptA8tCl1avCpi-iB_QhJX1ovhuQb33njcIiFnbNn55NSwDng0zTe_qI7oemT848YAQ&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1344493843&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=336861500&rst=1707435814760&rpt=1169&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Feb 2024 23:43:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame CB84 39 KB
15 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:80b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 20:08:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 20:08:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5E7C 0
0 88ms
87ms Image
text/html 2607:f8b0:4006:80b::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240207&jk=1815104564923351&rc=05AJmcDEmMFNmTgDSVGEuRXhRHQ8JPxq2LAM2PhP9FXGN7Cb8mOaN1ex2mCil1PPMsnIN9NBCd3ZA8FbwQpt0PPv9Ipzxaox-QxEUtIFUhzcBJgAdHIwdUFPEV6V3qJJlX1bORccDtXkCsrxHVFh8tGeIlR4TUse4Ny_dnmH1QX2VsRZhpI9aGMO17DqwxYpZKoxn4CYGK30rhoG5BqptwZlHTwA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F559 42 B
64 B 92ms
92ms Fetch
image/gif 2607:f8b0:4006:80b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxBcj9h3e9zc-1DdoCMn0lhnS_A1fMXa5c1W55UTvhu6ZI2Gx2ypMubQ3pno3z1WwJG-vt5d8lBY6Ku3PHiDT4vYJSSrWGFJtgjceXrYLsiMlWRs3UDWtT_BxXQ_VyZhATUAtfJ1WxCUzyPAhfAX1tzbhrpalZ2vw&sai=AMfl-YRkFg8oeU7kmIrekHaBqST6D2GTf0NvVuKa0gHTFDYJaI5opZDz9Fi-Mmq965jhtwCQaLZ98_M1LtqvXGkHm1rswKNUroTRbLycpcbkpzYE4QsuSG7cAcu9P-HVTGHoVR5ua64te7cgDt-KZL2-&sig=Cg0ArKJSzCtD1rTz7vD_EAE&cid=CAQSTgAvHhf_NkF1pQ8B_8wvI4KiVwezcal3Sd3L_rohdg7PGD5MygqSJpRXVejWqbXrvusvGj3BCIBV08L_kbwWZMnEFSUVDvYp_N_oITDIkRgB&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1454730318&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=336861500&rst=1707435814725&rpt=1457&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Feb 2024 23:43:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C7E9 42 B
64 B 90ms
89ms Fetch
image/gif 2607:f8b0:4006:80b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpldEjIkAuEUJSBMSoikcoaTdemNnHRH2ZuFlUuXUTPrqxdt5kWiITUyCLW5JWqVMKjOnA735VjtI_-4B6Iiaw165ONdtghOj_jywBKInkIGiM9MO67WNZTRw_SWlm0m30cMQ78polHPXuJ4hoJPwq5AgyeYT9s_Y&sai=AMfl-YTXXi19Q2t2mmDLtPPsnFMEP5cxOr30N_5NpJGuvxNFQKc3COGZrReVkCNiT8srMPjiDXjYBFamqTH71DJ0aBi_dHE8RtrT5kvrKgfcZEULX0dxvC43nztXysilf55r3OAOqHF0jYImu6vTaEk&sig=Cg0ArKJSzPIO4LlR-u6WEAE&cid=CAQSTQAvHhf_4pqfGihHMbwhCpygZs5bv8qfywMkpVXiyLEpObn7YKNDnrBTgmp-mNheh_nOls9rLrxYIJMhGJjI-HjpAgAmAk0fsw3gct5IGAE&id=lidar2&mcvt=1002&p=0,0,280,336&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=306263318&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=336861600&rst=1707435814700&rpt=1456&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Feb 2024 23:43:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CB84 0
10 B 24ms
24ms Image
text/plain 2607:f8b0:4006:816::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?v8iFDQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2001 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:43:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 88ms
87ms Image
text/html 2607:f8b0:4006:80b::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240207&jk=1815104564923351&bg=!a2ilaCfNAAaxkZ3akZE7ADQBe5WfOMAEPm5f2WCZPMAkwizeJSexM_c_mcYYUU6JhUiePK4x5FNMQQ8_gTphCjPA3IoUAgAAAJRSAAAAMGgBB5kCyYcHhCvsnr5oBDpetnapFrgTF9UmSY3MXBO8ZWvfd1IjipynK5nMthVoCu7ndmAQ-yUdGcE_mTSm66SdNhfUeKaFsvZmXjs7qP-ARxlTksOu6WyZNop1NEa2YS62U05y8pWn5P3QGRR1PQegvE9Cb32PHc-af8vZ41hBMypRtnDx7MK5uDxyVpwOjyz7tGS8WpE6TEWtcYzlSRVgKaonaDPdokHq6_U4Zy7oLi0D3QkhZHVj9G3jpnlK-6vmg3dGxOGcb32ubtQe5CJqhv-PZ0uwwSJMJMu_mrVz-KaN82lz9aKKwzSNV2APNBCe1zAbyUjQxvM_FAacHPXwiUDoDx91xWNF94ZZ6kZIzXt8YVHXAPc6OXp9Dn4EVaY3fGvTBI_Dk45aS80VBjpGwuaTiBm-NVxczbMAGkynqqBnv2cEdN8mVYswJbK8NU9cjU0x6wggkLqB0cfw1tkyBavRu5rU7yylkZlJ62X815mLJdsuoCFkAPNli7OG8CZD9MGmI8nTdg4E_9s-M_ViUolBA2bqfoy-LHWcFTzd7fHm28ZRnNGHq-y5TUSuv4gM6UNaMnAAjaFnbswDBp0Z731Loy7UFU5XbdPeo6a-WxxmlZ3dA7V_hjkLZ2bPPw4zB9dRlIIxbYbviqI0svMcWKLXdSFnMTZPa5EOTBUA4dK4lmCOm7_ozxEFyyy-ZJLdLgxJnqSGBVTNa1tDEmrpkgaVWfTvvCV0eRsGNMBPVYuZPSB_ZWFDt9wXi07neo358nvc1edF2PjBBRhVOKiuKNv4SjSnACOQ2jyBFjXeiLIhOACfNl90aUnzPmzFSd3h3ODbgNKf4R5SZzRv8CK4VOR_u8I5-OQOJX5mmKinCkQQ64mfOuWtviyBf3ssFp-RQvebmmR38UfxCywdX9CXgvDOXA66OGBfLRgGT_Gnokazjyi9SGnUK5qqpt7O
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pdfarsivci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
new.run.place/	1970-01-20 18:20:08	Name: bhit Value: 0
new.run.place/	1970-01-20 18:20:08	Name: intm Value: 1707435809
new.run.place/	1970-01-20 18:20:08	Name: refer Value: noref
new.run.place/	1970-01-20 18:20:08	Name: noref Value: visited
new.run.place/	1970-01-20 18:20:08	Name: page Value: main
.ypupfy.com/	1970-01-20 18:18:42	Name: truniq Value: 1
.ypupfy.com/	1970-01-21 03:02:51	Name: prompt Value: 1
.ypupfy.com/	1970-01-20 18:18:42	Name: tracking Value: 1
bristolchristian.org/	1970-01-20 18:18:42	Name: uclick Value: 52qdvcfy
bristolchristian.org/	1970-01-20 18:18:42	Name: uclickhash Value: 52qdvcfy-52qdvckt-pm8n-0-1zi4-q5y9-q5u3-f250f1
pdfarsivci.com/	1970-01-20 18:18:42	Name: external Value: a2_15378670690368769792_536554_2_0
pdfarsivci.com/	1970-01-20 18:18:42	Name: ts Value: 2
pdfarsivci.com/	1970-01-20 18:18:42	Name: click Value: dd82b52qdvcktfff
pdfarsivci.com/	1970-01-20 18:18:42	Name: u Value: eyJsIjoiaHR0cHM6XC9cL2Jlc3QtZGF0aW5nLXNpdGVzLTIwMjMuY29tXC91c1wvc2JcLyIsInQiOiJodHRwczpcL1wvYnJpc3RvbGNocmlzdGlhbi5vcmdcLyJ9
pdfarsivci.com/	1970-01-20 18:18:42	Name: openCount Value: 2
.doubleclick.net/	1970-01-20 18:17:16	Name: test_cookie Value: CheckForPermission

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pdfarsivci.com/achorary-revolt-at-toshiba.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bristolchristian.org
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
href.li
idygez.com
mdakky.com
new.run.place
pagead2.googlesyndication.com
pdfarsivci.com
tpc.googlesyndication.com
wokoez.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
ypupfy.com
142.251.40.226
185.162.87.220
192.0.78.27
2606:4700:3030::ac43:b408
2606:4700:3031::ac43:ac54
2606:4700:3036::6815:46b5
2606:4700:3037::6815:5003
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::2003
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::2001
2607:f8b0:4006:817::200a
2607:f8b0:4006:824::200e
2a02:b4a:1:7::9273:1
2a02:b4a:1:7::9274:1
95.47.161.64
083453bf4d12b9c46f44e3b434994e63ab8d8507300e67eaa25d9c7a9c0354bf
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1820d76c9051d3fd7b1d61af7cf77ff03153aa840c2183550b32e86494ea7b48
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1a24f65c00a46166e180a3501c19b60562e56362308ea9363130620772de741a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1df6abfbcffaf65a44ff948bb9735fa290580f9c591e9c73d57f9fe43bf862eb
1e8bfc03cfd06ec795543dc10d8b7f35485f32b6571602ae6c914ce0d27fd28d
21e146c8bcdf92f39b02ab0168fe363db6c9b0c0269115ffc6ebf31a0f396f76
2263488f4b3a05d13b129472c4207cd72a2b41881e0167d5ca06882ed78a64ee
25a5e3e0ef672707e3964864d0f2efcdc0929f4358f0cdedff04c415f446dffa
25f8d252a34db20e41b9f3fcf51c022ad2f0876bd47be65caba671bb8bad7ccc
2682757391a011314306df2c712bf76cc920792dd27ebfbbeb4debf7bd2dd029
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
349a18fd5e2323a3e492671e5c3052de952e8c3ae599a3575037a5a38255e93e
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
49dba3cdf9da16880fd287ac6dca52030210f6f4e7b66e627ea634afbbbe2bdd
4d8422717684d38a8c50ce8bee6dd6b573edd07902908d8956e5c5720a1e44a9
4dc2e74a6570cbeba61f6b688d6300ce9a1a9cd66bc9d77f49c0f704928091df
4f3ba39c29c06f26f157c5ed22834d97ab812050cf17e6161539cd2438966173
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ae3abf680f6b9783f00c0dc32a3b26bdce2ec8105ec6379a0ed1b41ff112db4
5c2838b480b2a83d43e5383a1c8a5244cd53437bee0d7760ca39fbea7a9a30d3
5c4f94735d9994d44714d38814c4e91a1bf7a1a023c2977dbdeea339c2c6f765
5e89f1a7aea0ba7312a02b1a4c44914db06d73027338ee77c06a572d24006429
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
689c72d7718868395eaf4bbe26e9f52e92f16daaa1d5486b53ae3744a996f1e2
6a72018a502fa72bb1450f1a8b87933f6f9c3059da0aceb62db6f7cb89ff611c
6d5080d467ae9ed6a8acf69e2e8d1aad25969ee1da3951fb433abc56f08d57de
6f98de269105c04d9d750ea409127b9d119a42790a34c3377754777c8245ebe7
722e157ea0af9b8ea5b0f83f61363ca665e0eb2439473267f3663c21b6993cd7
734805f6ef2a628820ab273d6600ef790cb6887b4bef6d65fe9a3043f65aa7e8
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
791ab4512c027fb3741dd66ce6338f882cde799995fd4ae0cc506ca9b7de5990
7b5323d1ededefbfd3f85b8902786ae71b4cb7e1867b05116a08d3a4126ea2a8
7d475cbbf27ee650ad28e06d88fa100f4720625126d8f61fdc8e614614bcaf4f
7f17aca10c855f9f6f158a32b59f5ad2f08875b00deba92088577bf7f90a98f3
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
8510e2ce2117f6f04ad9dda1ba9484711635c5b85ae6ae0dc6c921e96a689f54
87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da
89d02c9f80bf5d586d78c9254c63cc1dfeffdcd9aaedb5666920f9dac9b691b8
8b0644f3b8991802672fe2bae893536968a5a3ed24173f8988d83bf432e3665d
8f8078d5fa79042c80aff9ac50f962fca0a2461febc620b567e38fff39ddc182
90cc7d5f67c37f49c75d35a912d7cd82edf84e3217546a68091f9da2925f4a32
964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431
9702da67a9d9ece734b50e74ecfc056da1b545522f8834db0fa074695dfd792f
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
99953d3788a76b3b5392d7c3c2fc57a741f5d5c2b263616fdd07938aa2aa1b5b
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a39109413936412901dd25403243a6f65ab2c3a4e84e768666369ef0386c64c1
a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b5104dc06faffc326c8f8a5da2f0cf85c5cf35064eae62871acc3cabf8f35c78
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
c67b22ebc9961f94f20fab1ff8d6d9d98291b8adccfe833664eb2af8b06275e0
c92742e4542f6473caa2857bb21894d6004655421bbb09623fdfba0f277156ec
cb6a14b6a80e8edce376d6d71f1327500dfe5054632e1ccea9410b486e46bba6
cba34e474754a973830d7e0c186f151ed6ae190abdcf99efe0561db3b554feb3
d079e6757ff169b8252a45af5d1773b053f1b35ae7c0f3ae6a7f6a891acc28c1
d1e72f6514e8f4b0dc8ca958ec1af4c6127613e5e67cf06f102e070373954434
d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e
da7467865e2e7a2eededd4295b36eed14e8a4cdca4484b29c00c9c435b12814c
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ba6ccaef913364bc957ac5e2a4f266052c058d3277eba0af7e72912ea16071
e8fc5ef32c8c149a43dfb60012f4b44e21d2fb9e4f90291573363e496b9aa476
edaa92621e65c81c9d6ee89f3fa39d3f63c42fdf0fb91e47fd2f9583469c0609
ee51889876a47d029eefdd73d6d0e0951620d2240c46b67844b2421fd06944f3
ee722fbe14fb1d4f9be819f751060dac917300406c95b2aa67289ba7f493b7ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f179eba989a5d55300cbb2fbb9381421109c1ab9b099ebacb3dc91f6e62a1e
f1d759e86165ec9e5f9f5c9775acfe83f2c00833aa1c3522fbede166c38a2205
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f897d21aec740035fa576b1cd33c1773c7870ed3f346c124f9785a02e1738dd6
fa6c46550cf58d88334c44050cb9db5a0f693e4f8212a977cd9fdefface9905d
fd06c58aba90b8c7532d83473adf084836b35409d7e6af115bd7180440e534aa
fd4cddd0ea9f0e8c581af2febdbf665eeed86459eb8efaee86c40d7987417173
fe9388f2c20810c66e045411cdb7bead132fc8248c7142bb05dbc5e0e9eefe17
ff2e516af991d71b5eea34bd85529d7a521dad9a935b5aa737449389c77962bf
ffb2f2d99b0c239c9f6d40069d5d31aebbe1544fe5e3195b4444236abcaed3a6

pdfarsivci.com Open in urlscan Pro 2606:4700:3037::6815:5003 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

125 Requests

98 %HTTPS

79 %IPv6

15 Domains

18 Subdomains

16 IPs

3 Countries

2528 kBTransfer

5777 kBSize

16 Cookies

2 Outgoing links

Page URL History

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pdfarsivci.com Open in urlscan Pro
2606:4700:3037::6815:5003 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

98 %
HTTPS

79 %
IPv6

15
Domains

18
Subdomains

16
IPs

3
Countries

2528 kB
Transfer

5777 kB
Size

16
Cookies

125 HTTP transactions
5 data transactions