kindabooks.biz Open in urlscan Pro
2606:4700:3036::ac43:9fe5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Submission: On April 07 via manual (April 7th 2021, 10:25:12 pm UTC) from RO

Summary HTTP 57 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 18 domains to perform 57 HTTP transactions. The main IP is 2606:4700:3036::ac43:9fe5, located in United States and belongs to CLOUDFLARENET, US. The main domain is kindabooks.biz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 24th 2020. Valid for: a year.

This is the only time kindabooks.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2606:4700:303... 2606:4700:3036::ac43:9fe5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:e9:... 2a02:26f0:e9::212:d5b1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8 8	2a03:2880:f03... 2a03:2880:f036:13:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
5	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f03... 2a03:2880:f036:1d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	192.99.8.27 192.99.8.27	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
57	21

17 2606:4700:3036::ac43:9fe5 (United States)

ASN13335 (CLOUDFLARENET, US)

kindabooks.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:e9::212:d5b1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

fbcdn-profile-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f036:13:face:b00c:0:2 (United States) 8 redirects

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f036:1d:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.8.27 (Canada)

ASN16276 (OVH, FR)
PTR: ns500876.ip-192-99-8.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	kindabooks.biz kindabooks.biz	815 KB
8	fbcdn.net scontent-frx5-1.xx.fbcdn.net static.xx.fbcdn.net	7 KB
8	facebook.com 8 redirects graph.facebook.com	2 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	156 KB
4	googleapis.com translate.googleapis.com	96 KB
3	gstatic.com www.gstatic.com	4 KB
3	akamaihd.net fbcdn-profile-a.akamaihd.net
2	google-analytics.com www.google-analytics.com	19 KB
2	doubleclick.net googleads.g.doubleclick.net	5 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
2	google.com translate.google.com adservice.google.com	3 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	642 B
1	googletagmanager.com www.googletagmanager.com	38 KB
1	cloudflare.com cdnjs.cloudflare.com	986 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	10 KB
1	jquery.com code.jquery.com	33 KB
57	18

	Domain	Requested by
17	kindabooks.biz	kindabooks.biz
8	graph.facebook.com	8 redirects
5	scontent-frx5-1.xx.fbcdn.net	kindabooks.biz
5	pagead2.googlesyndication.com	kindabooks.biz pagead2.googlesyndication.com tpc.googlesyndication.com
4	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc
3	www.gstatic.com	kindabooks.biz translate.googleapis.com
3	static.xx.fbcdn.net	kindabooks.biz
3	fbcdn-profile-a.akamaihd.net	kindabooks.biz
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s10.histats.com	kindabooks.biz
1	www.googletagmanager.com	kindabooks.biz
1	cdnjs.cloudflare.com	kindabooks.biz
1	maxcdn.bootstrapcdn.com	kindabooks.biz
1	code.jquery.com	kindabooks.biz
1	translate.google.com	kindabooks.biz
57	22

This site contains links to these domains. Also see Links.

Domain
translate.google.com
see.tfaln.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-12-24` - `2021-12-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
histats.com R3	`2021-02-22` - `2021-05-23`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Frame ID: B8B61FD3D39F572140642925E5276B2C
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210401/r20190131/zrt_lookup.html
Frame ID: 231C0DE2A7F9982AC15213AF83DD0719
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5014329951030966&output=html&adk=1812271804&adf=3025194257&lmt=1617834292&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkindabooks.biz%2Fcgi.php%3Fview%3Dtoronto-notes.pdf&ea=0&flash=0&pra=5&wgl=1&dt=1617834292021&bpp=14&bdt=375&idt=118&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4550947829253&frm=20&pv=2&ga_vid=1108985528.1617834292&ga_sid=1617834292&ga_hid=729378074&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C44740079%2C44739387&oid=3&pvsid=492643110367759&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=135
Frame ID: 417A391551F275A10F521E591C0D92A9
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 26ADCD5C74ABB2E41FE8425D28ADB64D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 10C24E3573CF7ED8C96668BC682B6AEF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

57
Requests

100 %
HTTPS

86 %
IPv6

18
Domains

22
Subdomains

21
IPs

5
Countries

1222 kB
Transfer

2043 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

URL: https://see.tfaln.com/offer?prod=2&ref=5272266&sub_id=toronto+notes
Title: Register a free 1 month Trial Account.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://graph.facebook.com/100002361385815/picture HTTP 302
https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scontent-frx5-1.xx&tp=27&oh=83af2f78e63f175d567878203f455886&oe=60921EB8

Request Chain 15

https://graph.facebook.com/627682868/picture HTTP 302
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/UlIqmHJn-SK.gif

Request Chain 16

https://graph.facebook.com/500063172/picture HTTP 302
https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scontent-frx5-1.xx&tp=27&oh=83af2f78e63f175d567878203f455886&oe=60921EB8

Request Chain 17

https://graph.facebook.com/276175/picture HTTP 302
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/UlIqmHJn-SK.gif

Request Chain 18

https://graph.facebook.com/123448/picture HTTP 302
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/UlIqmHJn-SK.gif

Request Chain 19

https://graph.facebook.com/123451/picture HTTP 302
https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scontent-frx5-1.xx&tp=27&oh=83af2f78e63f175d567878203f455886&oe=60921EB8

Request Chain 20

https://graph.facebook.com/123450/picture HTTP 302
https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scontent-frx5-1.xx&tp=27&oh=83af2f78e63f175d567878203f455886&oe=60921EB8

Request Chain 22

https://graph.facebook.com/123454/picture HTTP 302
https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scontent-frx5-1.xx&tp=27&oh=83af2f78e63f175d567878203f455886&oe=60921EB8

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request cgi.php Show response
kindabooks.biz/ 12 KB
4 KB 268ms
240ms Document
text/html 2606:4700:3036::ac43:9fe5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9fe5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04d6893c24c2e1e169b6f97bf7d308968c6863d7e6eccdc63b0c48949fbd9c59

Request headers

:method: GET
:authority: kindabooks.biz
:scheme: https
:path: /cgi.php?view=toronto-notes.pdf
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:51 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d16beedd278e3f1690ad3b5f499f281361617834291; expires=Fri, 07-May-21 22:24:51 GMT; path=/; domain=.kindabooks.biz; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 09500948cc000005e92f12d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4hZ038a1S%2BKGZFCVC6lce7AJlrXEuBCzDOQLTIzo1q5xfzMaFLQ2WHdHLgvdRNJArvr2xcdgGGGaz%2BQ7DpX4qAn587PiOHt7peXuJgcVF9FIMOTbSY8UidWfSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 63c6ab214c8205e9-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.min.css
kindabooks.biz/source1/ 120 KB
18 KB 210ms
208ms Stylesheet
text/css 2606:4700:3036::ac43:9fe5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kindabooks.biz/source1/bootstrap.min.css
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9fe5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ced8587d3adc7516df82cbaf8f8330937968f87d1fb227b1bd06b62040d33d9

Request headers

Referer: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 24 Dec 2020 16:12:06 GMT
server: cloudflare
etag: W/"db921-1deb0-5b73811b8bc31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CCeNvyr3JGqKk1XFLnspT%2FHXwPjTO42XaootkhA44fGndftTUPDjUMvY2od4Nzob0odi%2FRzJGVjHdUzbdBNzZbMFcgzdKXLqE67b8uxr6v8HXG89S%2Bt2VSlkRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 63c6ab22de3005e9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09500949c4000005e9e73de000000001

GET
H2 404 bootstrap.css
kindabooks.biz/source1/ 0
0 211ms
209ms Stylesheet
text/html 2606:4700:3036::ac43:9fe5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kindabooks.biz/source1/bootstrap.css
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9fe5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:51 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MJxmIbvF3Qk%2FU0304ZDzDQ5FYVv5cpiErZj9mBf2%2BXPwLeBLQTerp9vPmKy6WHDWZqC5%2F9RAfVL5qAwzqZRfxE9kspOnGgvmkDaqUsD55TNK375G0xSmS5%2FtEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 63c6ab22de3205e9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09500949c4000005e9ec887000000001

GET
H2 200 flag-icon.min.css
kindabooks.biz/source1/ 32 KB
2 KB 204ms
202ms Stylesheet
text/css 2606:4700:3036::ac43:9fe5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kindabooks.biz/source1/flag-icon.min.css
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9fe5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0c9bf7a40b606390f947277201557a4e6deb8a6ac5270ad52a1bc2a972d8ec3

Request headers

Referer: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 24 Dec 2020 16:12:06 GMT
server: cloudflare
etag: W/"db923-7f7d-5b73811b8c7e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2Nmi5DElrgYEGdGocB6ukm1qu%2Bn9bXRUdlt6sllvE4eaq9VHZXNJP1ZvWb%2BcfqE3vycXk5QDcdCpLAt3mlV2RGNzH4zYhHeiOsD7rwBfiW0MWjhaR3hKlDxamQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 63c6ab22de3305e9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09500949c4000005e970ad8000000001

GET
H2 200 font-awesome.min.css
kindabooks.biz/source1/ 21 KB
5 KB 201ms
200ms Stylesheet
text/css 2606:4700:3036::ac43:9fe5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kindabooks.biz/source1/font-awesome.min.css
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9fe5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec

Request headers

Referer: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 24 Dec 2020 16:12:06 GMT
server: cloudflare
etag: W/"db924-55e3-5b73811b8c7e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lRrKRdZJMKPvWR1r4YZ51tSXrupTPdexYiKS4r4Nem2S98d7jgy%2Fq73EcLyvyr5%2FktQApR%2B4j%2Fl6CYOpEwnhHv6nirZW8mdFjaQ0bLepK7v5G2V6Dh8U7hInOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 63c6ab22de3505e9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09500949c5000005e947b70000000001

GET
H2 200 style.css
kindabooks.biz/source1/ 3 KB
1 KB 202ms
200ms Stylesheet
text/css 2606:4700:3036::ac43:9fe5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kindabooks.biz/source1/style.css
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9fe5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71ea135b421a2ddbe31b8509229a13ed00a2b31b53e84ef5f630de0224515502

Request headers

Referer: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=4485
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09500949c5000005e92f9c4000000001
last-modified: Thu, 24 Dec 2020 16:12:06 GMT
server: cloudflare
etag: W/"db928-1185-5b73811b8eb11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f7Nq5LJl4E3VJ4tV44eXjT0HvNeVdWO6llIdtqUn1%2FHe2Nc7BfpombiDc7UWrp%2FE3i6xKRcJxuN7pOQ%2Fd%2BP%2Bv0GhVsv%2BC4dEdstN%2BvaqHWhvtX702nqX5y2DXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 63c6ab22de3605e9-FRA
cf-bgj: minify

GET
H2 200 fbfeed.css
kindabooks.biz/source1/ 1 KB
803 B 200ms
199ms Stylesheet
text/css 2606:4700:3036::ac43:9fe5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kindabooks.biz/source1/fbfeed.css
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9fe5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47c4ae45bd5a649613d3cab5545435a8417a0f0dba715c6b86e4534295e6ad0e

Request headers

Referer: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1707
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09500949c6000005e9f2b69000000001
last-modified: Thu, 24 Dec 2020 16:12:06 GMT
server: cloudflare
etag: W/"db922-6ab-5b73811b8bc31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7s45Uw4KAHDTOhIWjkTpKNaMkXTb7jokARmoHDaQ2XLUZUSGJI1dCe7x5cZhcqG%2BupPI%2BH%2B7UDs9gTah92%2F1coY%2FuouiTXKiX%2B1q3JFI3dpfB4ZRu2wXaGpQRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 63c6ab22de3705e9-FRA
cf-bgj: minify

GET
H2 404 sg1a.js
kindabooks.biz/js/ 0
0 202ms
201ms Script
text/html 2606:4700:3036::ac43:9fe5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kindabooks.biz/js/sg1a.js
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9fe5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:51 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xTCqhXyd3i6CvAPUoB44xcDIzBlS1epJJkWnym5%2B9qPWaKFyCSBsw9nv8M5Ulbec%2FkMWscLVWKVp1FxXp6nhR5XEAKgrzccEiT8V2wgI7hHpvJ2pftBHlc7f4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 63c6ab22de3905e9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09500949c6000005e95630d000000001

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
47 KB 43ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b2a0f1e86abfa08804e22ecd2cfe7ab2eeb6a904776d873975814f19801fe6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47973
x-xss-protection: 0
server: cafe
etag: 14156890614107234780
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 07 Apr 2021 22:24:51 GMT

GET
H2 200 pdf.png
kindabooks.biz/ 59 KB
59 KB 202ms
199ms Image
image/png 2606:4700:3036::ac43:9fe5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kindabooks.biz/pdf.png
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9fe5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0071e54113b9d32ba57694b97022854bd19e597a36e50e00b51e3b705a9a616

Request headers

Referer: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:52 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60428
cf-request-id: 0950094aa1000005e9649db000000001
last-modified: Thu, 24 Dec 2020 16:12:06 GMT
server: cloudflare
etag: "db95f-ec0c-5b73811b9be00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8xS5ADdeQc5Q4Gn72yb48SUne64IQ8XV9EhecXXTUZKkQ7rbtM2vusj6w3XJ7to4UjZcA%2F7pIoLm70yY%2BqYVXkVzy7h6PVOkxK9zicsPMEW5K2hLqB5bZq5%2B0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63c6ab243fc505e9-FRA

GET
H2 200 pdf.png
kindabooks.biz/sip/ 59 KB
59 KB 208ms
205ms Image
image/png 2606:4700:3036::ac43:9fe5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kindabooks.biz/sip/pdf.png
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9fe5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0071e54113b9d32ba57694b97022854bd19e597a36e50e00b51e3b705a9a616

Request headers

Referer: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:52 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60428
cf-request-id: 0950094aa1000005e95b1ab000000001
last-modified: Thu, 24 Dec 2020 16:12:06 GMT
server: cloudflare
etag: "db91c-ec0c-5b73811b8ac91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rHBLozmiHpmYGZ8XDMVZV3w8%2BlsD4JECp5%2FjhzzQs33H7bc8KJB4OXSc20ihfNfuKI1S0iCrJ1KwtWEUWlxlJ%2B4K1o9fLzRXRFcRWRKBAx568alQYrFbpem7ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63c6ab243fc605e9-FRA

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 4 KB
2 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

f78fc93e9b80aa44820b84bc8ab2be163fbaa08d29486a6576c19a17c87fab42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 22:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1874
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 reward.png
kindabooks.biz/source1/ 95 KB
95 KB 208ms
206ms Image
image/png 2606:4700:3036::ac43:9fe5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kindabooks.biz/source1/reward.png
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9fe5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9931390c46d53d856aedf3d4663fe37bf81ae11e97e871c4da311f283a6dc61

Request headers

Referer: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:52 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 96902
cf-request-id: 0950094aa1000005e91934b000000001
last-modified: Thu, 24 Dec 2020 16:12:06 GMT
server: cloudflare
etag: "db927-17a86-5b73811b8e729"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eLX08b4WMaF4XqpXy39FZc5F%2FG2O9gyXMguWWcaz%2FRerFISXJWbPvA2dN6yIv3I5hRqBKiCkCmmwse%2BLojf6uqQ%2FJxNVu8QeMSqXFtnQemraoyaWNWW8OR%2FkGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63c6ab243fc805e9-FRA

GET
H2 400 27383_100001191353904_1534_q.jpg
fbcdn-profile-a.akamaihd.net/hprofile-ak-prn1/ 0
0 50ms
12ms Image
text/html 2a02:26f0:e9::212:d5b1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbcdn-profile-a.akamaihd.net/hprofile-ak-prn1/27383_100001191353904_1534_q.jpg
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:e9::212:d5b1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 400 371865_100003492652950_2083523518_q.jpg
fbcdn-profile-a.akamaihd.net/hprofile-ak-snc7/ 0
0 50ms
13ms Image
text/html 2a02:26f0:e9::212:d5b1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbcdn-profile-a.akamaihd.net/hprofile-ak-snc7/371865_100003492652950_2083523518_q.jpg
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:e9::212:d5b1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

84628273_176159830277856_972693363922829312_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/
Redirect Chain

https://graph.facebook.com/100002361385815/picture
https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scont...

998 B
1 KB

6ms
6ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scontent-frx5-1.xx&tp=27&oh=83af2f78e63f175d567878203f455886&oe=60921EB8
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 8155998d8e66d0cd7640a991577f76f858f46630d5e2ae38d65950370eb0db5e

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 674913611
date: Wed, 07 Apr 2021 22:24:52 GMT
x-fb-trip-id: 917726464
last-modified: Mon, 03 Feb 2020 18:53:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3168106802
x-fb-config-version-olb-prod: 1056
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 998

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1003584713
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: Oq7KpUgeUKokjJEj2Ow4tbrcXu2CLYXTE6SLx3S9Gl6gjr+pL2P8mgjEzFklTmwmateKl7591nzs3AWBVtOLhw==
x-fb-trace-id: AyapVa7uyT/
date: Wed, 07 Apr 2021 22:24:51 GMT
content-type: image/jpeg
location: https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scontent-frx5-1.xx&tp=27&oh=83af2f78e63f175d567878203f455886&oe=60921EB8
x-fb-request-id: AcvNCh6S02BjyrZ7dKlGJs5
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.2
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

UlIqmHJn-SK.gif
static.xx.fbcdn.net/rsrc.php/v3/yo/r/
Redirect Chain

https://graph.facebook.com/627682868/picture
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/UlIqmHJn-SK.gif

390 B
555 B

12ms
12ms

Image
image/gif

2a03:2880:f036:1d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/UlIqmHJn-SK.gif

Requested by

Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f036:1d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

28fb9862b8622b1ea4c76a959cc234425db61082ca0d89251429d214772bfa87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:52 GMT
x-content-type-options: nosniff
content-md5: rxDNxBROChawl6KTsNlUIg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 390
x-fb-rlafr: 0
x-fb-debug: 2yHeWBMnqT0tV/AAz3Ud0s1HUAlYlufIMg7bpSpmfsd8fKq7IeGQY2sUa//Vx32oJEignPcQ6Mx2osW1geNP4g==
x-fb-trip-id: 512678718
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 25 Mar 2022 10:31:41 GMT

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1003584713
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 5nxm5Ky3Imc8dKHVLc+KCP1T3zxnPC4ous6qszSdtOfr/ZDyWx055yGZntImqpABgEY1s7DUTZ6xagaEugnsZw==
x-fb-trace-id: BBfch31OmPr
date: Wed, 07 Apr 2021 22:24:51 GMT
content-type: image/jpeg
location: https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/UlIqmHJn-SK.gif
x-fb-request-id: Az6ZrPLK6L-jCbK_iX7xxSI
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.2
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

84628273_176159830277856_972693363922829312_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/
Redirect Chain

https://graph.facebook.com/500063172/picture
https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scont...

998 B
1 KB

6ms
6ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scontent-frx5-1.xx&tp=27&oh=83af2f78e63f175d567878203f455886&oe=60921EB8
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 8155998d8e66d0cd7640a991577f76f858f46630d5e2ae38d65950370eb0db5e

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 674913611
date: Wed, 07 Apr 2021 22:24:52 GMT
x-fb-trip-id: 917726464
last-modified: Mon, 03 Feb 2020 18:53:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3168106802
x-fb-config-version-olb-prod: 1056
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 998

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1003584713
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: ukkDLUudw4CtNWm9rPV9IXlLzPBj8tRqFGucpdFm2hR9I0RJmU2cr4uBjjq6ISfzEa63o0zkFqwttwV7sqYzXg==
x-fb-trace-id: BwYAQtTdFKA
date: Wed, 07 Apr 2021 22:24:51 GMT
content-type: image/jpeg
location: https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scontent-frx5-1.xx&tp=27&oh=83af2f78e63f175d567878203f455886&oe=60921EB8
x-fb-request-id: AMfffpYzPf7_-ljaFXvYzqV
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.2
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

UlIqmHJn-SK.gif
static.xx.fbcdn.net/rsrc.php/v3/yo/r/
Redirect Chain

https://graph.facebook.com/276175/picture
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/UlIqmHJn-SK.gif

390 B
801 B

38ms
12ms

Image
image/gif

2a03:2880:f036:1d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/UlIqmHJn-SK.gif

Requested by

Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f036:1d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

28fb9862b8622b1ea4c76a959cc234425db61082ca0d89251429d214772bfa87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:51 GMT
x-content-type-options: nosniff
content-md5: rxDNxBROChawl6KTsNlUIg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 390
x-fb-rlafr: 0
x-fb-debug: 2yHeWBMnqT0tV/AAz3Ud0s1HUAlYlufIMg7bpSpmfsd8fKq7IeGQY2sUa//Vx32oJEignPcQ6Mx2osW1geNP4g==
x-fb-trip-id: 512678718
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 25 Mar 2022 10:31:41 GMT

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1003584713
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: fqwrQXgGqkBJlMLNTcaG1aVdn8KHc/XO6PKNk++RbF/FEXYD+1wTir16wxtvHau2HTuVjw+nAvptokdp7H5kaw==
x-fb-trace-id: EHILwKYoM5G
date: Wed, 07 Apr 2021 22:24:51 GMT
content-type: image/jpeg
location: https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/UlIqmHJn-SK.gif
x-fb-request-id: AsM2jZts9hsEJSO55sVv2Rd
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

UlIqmHJn-SK.gif
static.xx.fbcdn.net/rsrc.php/v3/yo/r/
Redirect Chain

https://graph.facebook.com/123448/picture
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/UlIqmHJn-SK.gif

390 B
532 B

12ms
12ms

Image
image/gif

2a03:2880:f036:1d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/UlIqmHJn-SK.gif

Requested by

Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f036:1d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

28fb9862b8622b1ea4c76a959cc234425db61082ca0d89251429d214772bfa87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:52 GMT
x-content-type-options: nosniff
content-md5: rxDNxBROChawl6KTsNlUIg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 390
x-fb-rlafr: 0
x-fb-debug: 2yHeWBMnqT0tV/AAz3Ud0s1HUAlYlufIMg7bpSpmfsd8fKq7IeGQY2sUa//Vx32oJEignPcQ6Mx2osW1geNP4g==
x-fb-trip-id: 512678718
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 25 Mar 2022 10:31:41 GMT

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1003584713
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: shjHhQLq/7JNYle9vNSg4ikZ4lUsgnnC7025bvc1MUkDwFkxOM7c/zsA5fhOfopH/nEDcIaIROv/M6vmR9gMDw==
x-fb-trace-id: GyFySpOvUXf
date: Wed, 07 Apr 2021 22:24:51 GMT
content-type: image/jpeg
location: https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/UlIqmHJn-SK.gif
x-fb-request-id: AF8B6bmnwmbESoUZW9vIFAu
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.2
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

84628273_176159830277856_972693363922829312_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/
Redirect Chain

https://graph.facebook.com/123451/picture
https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scont...

998 B
1 KB

19ms
6ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scontent-frx5-1.xx&tp=27&oh=83af2f78e63f175d567878203f455886&oe=60921EB8
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 8155998d8e66d0cd7640a991577f76f858f46630d5e2ae38d65950370eb0db5e

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 674913611
date: Wed, 07 Apr 2021 22:24:52 GMT
x-fb-trip-id: 917726464
last-modified: Mon, 03 Feb 2020 18:53:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3168106802
x-fb-config-version-olb-prod: 1056
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 998

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1003584713
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 3WrVOqlI81DQy0+YZMjA6eo7Iz87TcFI3Rw6P9zRkGoGNXxnavSqlN1aR3aIVm/bnxD5zO4TC+McNAJpQtNGdw==
x-fb-trace-id: AxSbXWzyLEo
date: Wed, 07 Apr 2021 22:24:51 GMT
content-type: image/jpeg
location: https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scontent-frx5-1.xx&tp=27&oh=83af2f78e63f175d567878203f455886&oe=60921EB8
x-fb-request-id: Ax80J02tdiGP_dumjC9CoFu
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

84628273_176159830277856_972693363922829312_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/
Redirect Chain

https://graph.facebook.com/123450/picture
https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scont...

998 B
1 KB

6ms
6ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scontent-frx5-1.xx&tp=27&oh=83af2f78e63f175d567878203f455886&oe=60921EB8
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 8155998d8e66d0cd7640a991577f76f858f46630d5e2ae38d65950370eb0db5e

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 674913611
date: Wed, 07 Apr 2021 22:24:52 GMT
x-fb-trip-id: 917726464
last-modified: Mon, 03 Feb 2020 18:53:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3168106802
x-fb-config-version-olb-prod: 1056
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 998

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1003584713
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: L9DHJBSC3NXUq6MARVfHoF5YMKtU4tLD3DgIyOvWvFgqE8CkqdHf+trSNwNCa8/M7ypwB3djJ2WHhZcDWoLwrA==
x-fb-trace-id: C0ot9F0bPZt
date: Wed, 07 Apr 2021 22:24:51 GMT
content-type: image/jpeg
location: https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scontent-frx5-1.xx&tp=27&oh=83af2f78e63f175d567878203f455886&oe=60921EB8
x-fb-request-id: AzwJXVp7dbr-B0GRSoiT_oH
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 400 49852_593864739_9595_q.jpg
fbcdn-profile-a.akamaihd.net/hprofile-ak-ash3/ 0
0 13ms
12ms Image
text/html 2a02:26f0:e9::212:d5b1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbcdn-profile-a.akamaihd.net/hprofile-ak-ash3/49852_593864739_9595_q.jpg
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:e9::212:d5b1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

84628273_176159830277856_972693363922829312_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/
Redirect Chain

https://graph.facebook.com/123454/picture
https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scont...

998 B
1 KB

6ms
6ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scontent-frx5-1.xx&tp=27&oh=83af2f78e63f175d567878203f455886&oe=60921EB8
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 8155998d8e66d0cd7640a991577f76f858f46630d5e2ae38d65950370eb0db5e

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 674913611
date: Wed, 07 Apr 2021 22:24:52 GMT
x-fb-trip-id: 917726464
last-modified: Mon, 03 Feb 2020 18:53:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3168106802
x-fb-config-version-olb-prod: 1056
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 998

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1003584713
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: LWtPFPGdp99HeRvipgu1JJArsBgMJ3Kqza6IavaQ2I6ojh6NLGHcxjPW+49niAZGlRBdJz5j0jNjlgET3p/3QA==
x-fb-trace-id: CwrXMqrKG4K
date: Wed, 07 Apr 2021 22:24:51 GMT
content-type: image/jpeg
location: https://scontent-frx5-1.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=26HWl1PGXCkAX_ud0BB&_nc_ht=scontent-frx5-1.xx&tp=27&oh=83af2f78e63f175d567878203f455886&oe=60921EB8
x-fb-request-id: AWnkqgoxmakkQeHrAPK9INh
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.2
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pdf.jpg
kindabooks.biz/ 17 KB
17 KB 212ms
210ms Image
image/jpeg 2606:4700:3036::ac43:9fe5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kindabooks.biz/pdf.jpg
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9fe5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f285a1c8ef68084ae5b6225443d00983d90eb82773a978083691e6e762f11b51

Request headers

Referer: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:52 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17039
cf-request-id: 0950094aa1000005e95f803000000001
last-modified: Thu, 24 Dec 2020 16:12:06 GMT
server: cloudflare
etag: "db95d-428f-5b73811b9ba18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7%2FOF%2Br4h2APBSEdW8HVI4z8wQqmvy37XBVLf9tbfEl2oqr8dyHPX43f5dG%2BK0MqQhCXewnAFy5dN9bIpoi%2Bq6G43cT6E5NsU3SQCbdaP0tPidBVza0NkO0PLYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63c6ab243fc905e9-FRA

GET
H2 200 jquery-1.12.0.min.js Show response
code.jquery.com/ 95 KB
33 KB 26ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.0.min.js
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:51 GMT
content-encoding: gzip
last-modified: Fri, 08 Jan 2016 19:57:42 GMT
server: nginx
etag: W/"569014b6-17c52"
vary: Accept-Encoding
x-hw: 1617834291.dop051.fr8.t,1617834291.cds242.fr8.hn,1617834291.cds284.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33820

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ 36 KB
10 KB 42ms
23ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js

Requested by

Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617
age: 2429838
cdn-cachedat: 2021-03-10 20:26:24
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0950094ab0000096da1e26e000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a4b8e963756382068a4e1d285e17b9f8
cf-ray: 63c6ab2448ea96da-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
986 B 29ms
26ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7857079
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 591
cf-request-id: 0950094aa30000c303acbf1000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CkpEiAzUEqljjrWACUBUZEUvRyhON01YoBpzgDelTS2zM6fFHlKJ5bPXU0%2Fr2TsUvp47zDmdMK7YNEq7MEOSoeMbuanUpiu7WgGpqzGRg%2FBUH7Yl3Lo0CA%2BAzQ0UVBZBDA%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 63c6ab243817c303-FRA
expires: Mon, 28 Mar 2022 22:24:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-164785259-1

Requested by

Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a575539dbab70267604363474b752110f04dfb9116743d11cd8253a08ff08087

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39184
x-xss-protection: 0
last-modified: Wed, 07 Apr 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Apr 2021 22:24:51 GMT

GET
H2 200 latar.png
kindabooks.biz/source1/ 552 KB
553 KB 206ms
206ms Image
image/png 2606:4700:3036::ac43:9fe5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kindabooks.biz/source1/latar.png
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/source1/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9fe5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 244398547d1702202c276b8d7855135cf50c63ccd79941363013c421d85572e9

Request headers

Referer: https://kindabooks.biz/source1/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:52 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 565443
cf-request-id: 0950094aa1000005e9ec891000000001
last-modified: Thu, 24 Dec 2020 16:12:06 GMT
server: cloudflare
etag: "db925-8a0c3-5b73811b8e341"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r%2F%2FPqxyZZRxiuN458iQJePnBvQLJBnprHThR8RJbJtfl2ez9ec1wsOFF3BJ0Yxjr7cQNZKad1sq2%2B2DLHCQYBycPX8uRF0VPoJj60sKiO78tI3W4pweSzf4XDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 63c6ab243fca05e9-FRA

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
3 KB 27ms
6ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 21:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2930
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 07 Apr 2021 22:36:01 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 4 KB
2 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 21:35:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2933
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1673
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 22:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 07 Apr 2021 22:35:58 GMT

GET
H2 404 sprite.png
kindabooks.biz/img/ 331 B
331 B 197ms
196ms Image
text/html 2606:4700:3036::ac43:9fe5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kindabooks.biz/img/sprite.png
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/source1/fbfeed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9fe5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e78af3eaa56596a9ac5c5d0821fff07bd03fc2220a7488d0b89f53da9deb2335

Request headers

Referer: https://kindabooks.biz/source1/fbfeed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:52 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KN5WMWwgm7xwjMaSSocwV0R9Ksh32m9bALjlo19o40KBDwawSw0tQJi8D3bd57Z6dIbqVbRAWGZ4vy%2FIAFUt1Ohqrt2KQYWUzRGv8RKN7elZIDvNNMC8fSGR5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 63c6ab24b85105e9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0950094aee000005e96d11c000000001

GET
H2 404 glyphicons-halflings-regular.woff2
kindabooks.biz/fonts/ 0
0 195ms
195ms Font
text/html 2606:4700:3036::ac43:9fe5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kindabooks.biz/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/source1/bootstrap.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9fe5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://kindabooks.biz
Referer: https://kindabooks.biz/source1/bootstrap.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:52 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xgeulEDbcpaGNu72Ehhc%2FOq6ulhL0M0Hk1hefMqlpsUaKdu%2FbvWPaogFR3p0KVO3qUmPm9V49uSaOOPp8TZkS6k2WCRSvXjHqKaB1l5bEJpcokjjMYlMpDILBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 63c6ab24b85405e9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0950094af0000005e9f51c7000000001

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 105ms
35ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:19:45 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 51.254.41.128/26
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 4364
x-request-id: 205685280

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210401/r20190131/ 224 KB
84 KB 55ms
42ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210401/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5014329951030966&plah=kindabooks.biz&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab6868b2350ea5d1774a1160452024dd020dc64c65e9281f2674e46e90dcef57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85922
x-xss-protection: 0
server: cafe
etag: 12501389591399758798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 07 Apr 2021 22:24:52 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210401/r20190131/ Frame 231C 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210401/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210401/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kindabooks.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://kindabooks.biz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 07 Apr 2021 17:33:07 GMT
expires: Wed, 21 Apr 2021 17:33:07 GMT
content-type: text/html; charset=UTF-8
etag: 13254444762018554669
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4647
x-xss-protection: 0
age: 17505
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 element_main.js Show response
translate.googleapis.com/element/TE_20210224_00/e/js/element/ 250 KB
90 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 17:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17333
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91310
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 18:08:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 17:35:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-164785259-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 2523
date: Wed, 07 Apr 2021 21:42:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Wed, 07 Apr 2021 23:42:49 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
64 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=729378074&t=pageview&_s=1&dl=https%3A%2F%2Fkindabooks.biz%2Fcgi.php%3Fview%3Dtoronto-notes.pdf&ul=en-us&de=UTF-8&dt=TORONTO%20NOTES%20%7C%20center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=518265787&gjid=594658862&cid=1108985528.1617834292&tid=UA-164785259-1&_gid=1681585842.1617834292&_r=1&gtm=2ou3v0&z=546619104

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 22:24:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kindabooks.biz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
951 B 6ms
6ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 14:24:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 28803
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Thu, 07 Apr 2022 14:24:49 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
998 B 7ms
6ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: kindabooks.biz
URL: https://kindabooks.biz/cgi.php?view=toronto-notes.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 11:57:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 210470
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
expires: Tue, 05 Apr 2022 11:57:02 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 04:37:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 64025
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Thu, 07 Apr 2022 04:37:47 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
642 B 114ms
58ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kindabooks.biz&callback=_gfp_s_&client=ca-pub-5014329951030966

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210401/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5014329951030966&plah=kindabooks.biz&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

b67c50830786dbf3a69a9d9a9fa9af384d9d046cad6a33a466215aff52bbd542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 36ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kindabooks.biz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 22:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 35ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kindabooks.biz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 22:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 417A 603 B
581 B 54ms
39ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5014329951030966&output=html&adk=1812271804&adf=3025194257&lmt=1617834292&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkindabooks.biz%2Fcgi.php%3Fview%3Dtoronto-notes.pdf&ea=0&flash=0&pra=5&wgl=1&dt=1617834292021&bpp=14&bdt=375&idt=118&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4550947829253&frm=20&pv=2&ga_vid=1108985528.1617834292&ga_sid=1617834292&ga_hid=729378074&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C44740079%2C44739387&oid=3&pvsid=492643110367759&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=135

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5014329951030966&output=html&adk=1812271804&adf=3025194257&lmt=1617834292&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkindabooks.biz%2Fcgi.php%3Fview%3Dtoronto-notes.pdf&ea=0&flash=0&pra=5&wgl=1&dt=1617834292021&bpp=14&bdt=375&idt=118&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4550947829253&frm=20&pv=2&ga_vid=1108985528.1617834292&ga_sid=1617834292&ga_hid=729378074&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C44740079%2C44739387&oid=3&pvsid=492643110367759&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=135
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kindabooks.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://kindabooks.biz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 07 Apr 2021 22:24:52 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Apr-2021 22:39:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fa5e01e38d554ca21f9c4aa9e7a6345d7d8f017520925a73648e4f3ee3a7b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617660453263920"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28267
x-xss-protection: 0
expires: Wed, 07 Apr 2021 22:24:52 GMT

GET
H2 404 glyphicons-halflings-regular.woff
kindabooks.biz/fonts/ 0
0 207ms
206ms Font
text/html 2606:4700:3036::ac43:9fe5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kindabooks.biz/fonts/glyphicons-halflings-regular.woff
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/source1/bootstrap.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9fe5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://kindabooks.biz
Referer: https://kindabooks.biz/source1/bootstrap.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:52 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yUR2dgl4lha5vc3P7C5gqUwK3eF2l21zrTgUGQ42WNFGw5dTbkToMnHQaeUggytWFtUdF6AqWiBKtijQxb00d8S%2BW6ef9lvSH1pNEH7GPYEhHcEz78BDPqYDEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 63c6ab2609e005e9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0950094bc6000005e92f154000000001

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 344ms
114ms Script
text/html 192.99.8.27
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?2864861&@f16&@g1&@h1&@i1&@j1617834292166&@k0&@l1&@mTORONTO%20NOTES%20%7C%20center&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-17377883&@b3:1617834292&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fkindabooks.biz%2Fcgi.php%3Fview%3Dtoronto-notes.pdf&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.27 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500876.ip-192-99-8.net
Software: /
Resource Hash: 6afe5413b33c14357cafaf88ce781439c39be021114c8c3d368f0b6d19af5e45

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 22:24:52 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H3-Q050 200 l Show response
translate.googleapis.com/translate_a/ Frame 26AD 3 KB
1 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vHbfQfsMFOxcjE7A+XnTSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-vHbfQfsMFOxcjE7A+XnTSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
date: Wed, 07 Apr 2021 22:24:52 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 404 glyphicons-halflings-regular.ttf
kindabooks.biz/fonts/ 0
0 200ms
199ms Font
text/html 2606:4700:3036::ac43:9fe5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kindabooks.biz/fonts/glyphicons-halflings-regular.ttf
Requested by: Host: kindabooks.biz
URL: https://kindabooks.biz/source1/bootstrap.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9fe5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://kindabooks.biz
Referer: https://kindabooks.biz/source1/bootstrap.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:52 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8FYSqv5ydofQa%2BqmMktvykS9G07Xc0xn9neoIp4uXExei4tx1tLBRznyxRfa3eBMMmx3rw90fx2qpNh2n3uxyDErvqPcA0ju9V2ePcTsioTVlTF74hK2M6%2FShA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 63c6ab275b2b05e9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0950094c96000005e947b91000000001

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 44ms
30ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210401&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bb72ced802f4fe66b80286faef5d31a70263cf7637493fbc3eedfa70ead2d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 22:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6579
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 07 Apr 2021 22:24:52 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 10C2 12 KB
5 KB 34ms
20ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kindabooks.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://kindabooks.biz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 07 Apr 2021 21:22:40 GMT
expires: Thu, 07 Apr 2022 21:22:40 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3732
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 10C2 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 17:21:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 18193
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Thu, 07 Apr 2022 17:21:39 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 40ms
40ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210401&jk=492643110367759&bg=!SEulSw_NAAY56aLOOek7ACkAdvg8WosSZTHt0VsxKKNIoAb87sOISjRMxmwiajcYw8RCP41Lvv3I8gIAAABYUgAAAAloAQcKAT93e-z5U9LJmDDUXIyQAF0ADDox53HEoAlzaRzQ8UmkoFqRcDPWWzsUTtslG4m9GApR6XifHVaFsdKitloQxDsEePv3QO3i0hoiWTs5JzwIVFCSE74ZYA0cz6ePX5dql5BoslHqrN5EcldHeGeocsSlrFkMFSlNJrFJughuJmtropz4VpPMWQK9fx7r6ZTMMTaZ6Tmyc4h7S2Z9iFsUfx68NsPZwCRfd0OWf4FHL-LMc9e-hbPhL8qOMpggKsz9Od5NyTySQSOjrBISsr3Vnbm651fH7_14B9KWfRFE6Z1gsX34LcNkiyt161D52rdFNOaFpO3h6J2pEGk1jX3poC2VFWI0RZvoaR63UBALOFl0bsPMQwJXJj7I5mXO94qpc7-E19xtLwpJqDol5Qw9Q66-rtSRGQVTtNFDG_U7ynmomQHUzJFyNGrgvN5uABZYe40mSJgZAd9xgogEo6DZMm3t0NuvHjCgpEDtAHp0J-JhV8P_-fBbMYm5jS14mHZfBF5h09TDaq_1h8AjE1j5ol_-Rrs2F_G5XWe8EihRyKyErl58yqsu1sL-jXSdfGjmJWNqG7z5pJYisuiH5DNdfD7zG9mS8PEnPGdpppphDef51MvTk8T6qyvLiL9gDUwr0zwyZvkuxzjf2rg57TUnkJSeQ_5uosuhjWv1Al9YDv_NfyB3cG5V7RN4iANwSI4C27jRMTfMlHNPBag_kz8Z-WCrVlfrY83n25_nfsh37ASRAihZc4OU85JziGSzlrEEj0HRIWvrNh3UfY6RGgrqgrt3ZL8j2OSwUm8qEN_aSh4x4aUOW0newRPylKloiCaWhslZtnN0UL6JKQDNyZDHjJU6xRiqNfxZaV6IdAW5mmmCxQzGbkh-kDn5YkMENqxTBsxKUv5MvXSfnt84EpnYhs6-49zzmX1aehuIs62Y41MK-HFtGC-GRv4B5ADzv1sMrBGsfGysIqjWEKMH_QDKs6CzNxk_J_dVZ-5C8Uq46Z66O6DIq-5CodTPfMmGTQHUWQB2s3o50p3VsAmjI0R2JfXdKEsZiz4r

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kindabooks.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 22:24:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:23:55	Name: test_cookie Value: CheckForPermission
.kindabooks.biz/	1970-01-20 02:45:30	Name: __gads Value: ID=0b4e71d6b7e9fce4-223ba19cffba0002:T=1617834292:RT=1617834292:S=ALNI_MaVR09OLU6t31Jd9tDhBbA0wMg8CQ
.kindabooks.biz/	1970-01-19 17:25:20	Name: _gid Value: GA1.2.1681585842.1617834292
kindabooks.biz/	1970-01-20 02:09:30	Name: HstPn2864861 Value: 1
kindabooks.biz/	1970-01-20 02:09:30	Name: HstCmu2864861 Value: 1617834292166
.kindabooks.biz/	1970-01-19 17:23:54	Name: _gat_gtag_UA_164785259_1 Value: 1
kindabooks.biz/	1970-01-20 02:09:30	Name: HstPt2864861 Value: 1
kindabooks.biz/	1970-01-20 02:09:30	Name: HstCla2864861 Value: 1617834292166
kindabooks.biz/	1970-01-20 02:09:30	Name: HstCns2864861 Value: 1
.kindabooks.biz/	1970-01-19 18:07:06	Name: __cfduid Value: d16beedd278e3f1690ad3b5f499f281361617834291
kindabooks.biz/	1970-01-20 02:09:30	Name: HstCfa2864861 Value: 1617834292166
kindabooks.biz/	1970-01-20 02:09:30	Name: HstCnv2864861 Value: 1
.kindabooks.biz/	1970-01-20 10:55:06	Name: _ga Value: GA1.2.1108985528.1617834292

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
code.jquery.com
fbcdn-profile-a.akamaihd.net
googleads.g.doubleclick.net
graph.facebook.com
kindabooks.biz
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
s10.histats.com
s4.histats.com
scontent-frx5-1.xx.fbcdn.net
static.xx.fbcdn.net
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.185.66
192.99.8.27
2001:4de0:ac18::1:a:3a
2606:4700:3036::ac43:9fe5
2606:4700::6810:135e
2606:4700::6812:acf
2a00:1450:4001:800::2001
2a00:1450:4001:800::200e
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200a
2a02:26f0:e9::212:d5b1
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f036:13:face:b00c:0:2
2a03:2880:f036:1d:face:b00c:0:3
46.105.201.240
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
04d6893c24c2e1e169b6f97bf7d308968c6863d7e6eccdc63b0c48949fbd9c59
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
244398547d1702202c276b8d7855135cf50c63ccd79941363013c421d85572e9
28fb9862b8622b1ea4c76a959cc234425db61082ca0d89251429d214772bfa87
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3b2a0f1e86abfa08804e22ecd2cfe7ab2eeb6a904776d873975814f19801fe6f
47c4ae45bd5a649613d3cab5545435a8417a0f0dba715c6b86e4534295e6ad0e
50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
5fa5e01e38d554ca21f9c4aa9e7a6345d7d8f017520925a73648e4f3ee3a7b79
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6afe5413b33c14357cafaf88ce781439c39be021114c8c3d368f0b6d19af5e45
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71ea135b421a2ddbe31b8509229a13ed00a2b31b53e84ef5f630de0224515502
7bb72ced802f4fe66b80286faef5d31a70263cf7637493fbc3eedfa70ead2d4e
7ced8587d3adc7516df82cbaf8f8330937968f87d1fb227b1bd06b62040d33d9
7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798
80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec
8155998d8e66d0cd7640a991577f76f858f46630d5e2ae38d65950370eb0db5e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575539dbab70267604363474b752110f04dfb9116743d11cd8253a08ff08087
ab6868b2350ea5d1774a1160452024dd020dc64c65e9281f2674e46e90dcef57
b67c50830786dbf3a69a9d9a9fa9af384d9d046cad6a33a466215aff52bbd542
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c
d0071e54113b9d32ba57694b97022854bd19e597a36e50e00b51e3b705a9a616
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d9931390c46d53d856aedf3d4663fe37bf81ae11e97e871c4da311f283a6dc61
e0c9bf7a40b606390f947277201557a4e6deb8a6ac5270ad52a1bc2a972d8ec3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78af3eaa56596a9ac5c5d0821fff07bd03fc2220a7488d0b89f53da9deb2335
f285a1c8ef68084ae5b6225443d00983d90eb82773a978083691e6e762f11b51
f78fc93e9b80aa44820b84bc8ab2be163fbaa08d29486a6576c19a17c87fab42
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

kindabooks.biz Open in urlscan Pro 2606:4700:3036::ac43:9fe5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

86 %IPv6

18 Domains

22 Subdomains

21 IPs

5 Countries

1222 kBTransfer

2043 kBSize

13 Cookies

2 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

kindabooks.biz Open in urlscan Pro
2606:4700:3036::ac43:9fe5 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

86 %
IPv6

18
Domains

22
Subdomains

21
IPs

5
Countries

1222 kB
Transfer

2043 kB
Size

13
Cookies

57 HTTP transactions
0 data transactions