www.pdfhost.net Open in urlscan Pro
83.140.191.222 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3
Submission: On August 20 via manual (August 20th 2022, 5:52:17 pm UTC) from US — Scanned from SE

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 11 domains to perform 35 HTTP transactions. The main IP is 83.140.191.222, located in Sweden and belongs to IPO-EU, SE. The main domain is www.pdfhost.net.
TLS certificate: Issued by R3 on July 20th 2022. Valid for: 3 months.

This is the only time www.pdfhost.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	83.140.191.222 83.140.191.222	12552 (IPO-EU) (IPO-EU)
6	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	31.13.84.4 31.13.84.4	32934 (FACEBOOK) (FACEBOOK)
2	83.140.191.226 83.140.191.226	12552 (IPO-EU) (IPO-EU)
2	172.217.16.200 172.217.16.200	15169 (GOOGLE) (GOOGLE)
4	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
3	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	31.13.84.36 31.13.84.36	32934 (FACEBOOK) (FACEBOOK)
3	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
1	172.217.18.100 172.217.18.100	15169 (GOOGLE) (GOOGLE)
35	15

6 83.140.191.222 (Sweden)

ASN12552 (IPO-EU, SE)
PTR: web01.jag.digital

www.pdfhost.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.84.4 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-vie1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 83.140.191.226 (Sweden)

ASN12552 (IPO-EU, SE)
PTR: 83.140.191.226.itproductions.se

analytics.itproductions.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f8.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

adservice.google.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.84.36 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-vie1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	213 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 701 syndication.twitter.com — Cisco Umbrella Rank: 956	150 KB
6	pdfhost.net www.pdfhost.net	46 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 52	9 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	2 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 334	17 KB
2	itproductions.se analytics.itproductions.se	63 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	87 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	3 KB
1	google.ru adservice.google.ru — Cisco Umbrella Rank: 39919	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 882	696 B
35	11

	Domain	Requested by
6	pagead2.googlesyndication.com	www.pdfhost.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	www.pdfhost.net	www.pdfhost.net
4	platform.twitter.com	www.pdfhost.net platform.twitter.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	syndication.twitter.com	platform.twitter.com www.pdfhost.net
2	ssl.google-analytics.com	www.pdfhost.net
2	analytics.itproductions.se	www.pdfhost.net analytics.itproductions.se
2	connect.facebook.net	www.pdfhost.net connect.facebook.net
1	www.google.com	tpc.googlesyndication.com
1	www.facebook.com	connect.facebook.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.ru	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
35	14

This site contains no links.

Subject Issuer	Validity	Valid
pdfhost.net R3	`2022-07-20` - `2022-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-29` - `2022-08-27`	3 months	crt.sh
analytics.itproductions.se Sectigo RSA Domain Validation Secure Server CA	`2022-01-14` - `2023-01-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.com.ru GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3
Frame ID: 02B1F79FBC2EC5CE940F8327F9F30730
Requests: 23 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html?origin=https%3A%2F%2Fwww.pdfhost.net
Frame ID: 4720BD82BFF81CF2B264D5EA1E7EDD33
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20190131/zrt_lookup.html
Frame ID: 1437E9DBD2C889CD3761AF58FEC0BD61
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.9d00f3a022654eb8edfbc3190e981f9d.en.html
Frame ID: 69EC79E9E51C3013C3B26FA83F251A91
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3986885209750256&output=html&h=90&slotname=9986575127&adk=2092624380&adf=3889050472&pi=t.ma~as.9986575127&w=728&lmt=1661017932&psa=0&format=728x90&url=https%3A%2F%2Fwww.pdfhost.net%2Findex.php%3FAction%3DDownload%26File%3D9ef9cda8e1212f52f10959a5f67c57d3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661017931926&bpp=3&bdt=466&idt=411&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&correlator=4463845984605&frm=20&pv=2&ga_vid=830216146.1661017932&ga_sid=1661017932&ga_hid=335095218&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068487%2C31068956%2C31069050%2C31069064%2C44771548%2C31062930%2C31068919&oid=2&pvsid=4373164419845560&tmod=1433939420&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=SJpSXAU2QZ&p=https%3A//www.pdfhost.net&dtd=434
Frame ID: B74CB31BE9E7986066C527945CDDE80F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3986885209750256&output=html&adk=1812271804&adf=3025194257&lmt=1661017932&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.pdfhost.net%2Findex.php%3FAction%3DDownload%26File%3D9ef9cda8e1212f52f10959a5f67c57d3&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661017931940&bpp=1&bdt=480&idt=434&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=4463845984605&frm=20&pv=1&ga_vid=830216146.1661017932&ga_sid=1661017932&ga_hid=335095218&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068487%2C31068956%2C31069050%2C31069064%2C44771548%2C31062930%2C31068919&oid=2&pvsid=4373164419845560&tmod=1433939420&uas=0&nvt=1&fsapi=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=439
Frame ID: 1A5DAC6DFAA0B5914F123184A2D8A2C5
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=recommend&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cf882814ad38%26domain%3Dwww.pdfhost.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.pdfhost.net%252Ff3e9e8b9dda8314%26relation%3Dparent.parent&container_width=728&href=http%3A%2F%2Fwww.pdfhost.net%2F&layout=button_count&locale=en_US&sdk=joey&send=true&show_faces=true&width=450
Frame ID: B4712A87EB04FB1AEC6A2F181BA78C1D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1485956124F371768DBB682BCE51D62D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5B6DF0950ACBDC8E4F6CB79D437687D7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PDF Host

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

35
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

15
IPs

4
Countries

591 kB
Transfer

1527 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.php Show response
www.pdfhost.net/ 5 KB
2 KB 493ms
412ms Document
text/html 83.140.191.222
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.140.191.222 , Sweden, ASN12552 (IPO-EU, SE),
Reverse DNS: web01.jag.digital
Software: Apache/2 / PHP/5.6.40
Resource Hash: 5bdc98b95cf4fda360981036ffbfb040e1c07163ef06b40165464cb53cbb0c79

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1945
Content-Type: text/html; charset=UTF-8
Date: Sat, 20 Aug 2022 18:00:29 GMT
Keep-Alive: timeout=2, max=100
Server: Apache/2
Vary: Accept-Encoding,User-Agent
X-Powered-By: PHP/5.6.40

GET
H/1.1 200
OK style.css
www.pdfhost.net/ 219 B
444 B 30ms
29ms Stylesheet
text/css 83.140.191.222
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pdfhost.net/style.css
Requested by: Host: www.pdfhost.net
URL: https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.140.191.222 , Sweden, ASN12552 (IPO-EU, SE),
Reverse DNS: web01.jag.digital
Software: Apache/2 /
Resource Hash: c6e662dd5bfcece4a2c638d9f94efb8e2ee7ebb872cc8cfc6d2ab67db8827f1d

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 20 Aug 2022 18:00:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Oct 2008 12:49:39 GMT
Server: Apache/2
ETag: "db-4594a2a4d3ec0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 113

GET
H/1.1 200
OK pdfhost2_01.jpg
www.pdfhost.net/images/ 18 KB
18 KB 59ms
29ms Image
image/jpeg 83.140.191.222
IPO-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pdfhost.net/images/pdfhost2_01.jpg
Requested by: Host: www.pdfhost.net
URL: https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.140.191.222 , Sweden, ASN12552 (IPO-EU, SE),
Reverse DNS: web01.jag.digital
Software: Apache/2 /
Resource Hash: 84ad8ec784542bb384c6c6337d01059da1a204d1f980e0722e2cf76eba80c8c6

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 20 Aug 2022 18:00:29 GMT
Last-Modified: Tue, 14 Oct 2008 13:41:30 GMT
Server: Apache/2
ETag: "488e-45936c5e3f680"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 18574

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
57 KB 295ms
159ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.pdfhost.net
URL: https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

0857367d6af88d46596ceb59a34106483267d2761d629009f678e128a1e1d0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 17:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57510
x-xss-protection: 0
server: cafe
etag: 4003044749561782845
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 20 Aug 2022 17:52:11 GMT

GET
H/1.1 200
OK pdfhost2_04.jpg
www.pdfhost.net/images/ 735 B
1007 B 55ms
29ms Image
image/jpeg 83.140.191.222
IPO-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pdfhost.net/images/pdfhost2_04.jpg
Requested by: Host: www.pdfhost.net
URL: https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.140.191.222 , Sweden, ASN12552 (IPO-EU, SE),
Reverse DNS: web01.jag.digital
Software: Apache/2 /
Resource Hash: 802b2396776294d1d5bfc718aea412330bbaafc9792d81ba81b4a0fc52e63e2d

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 20 Aug 2022 18:00:29 GMT
Last-Modified: Tue, 14 Oct 2008 13:41:30 GMT
Server: Apache/2
ETag: "2df-45936c5e3f680"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 735

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 196ms
61ms Script
application/x-javascript 31.13.84.4
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.pdfhost.net
URL: https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.84.4 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-vie1.fbcdn.net

Software

Resource Hash

d5d7c3bb294474617ae4d1ba844d7699ea17f299d87c25ac453d19150c77d9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: hmFe7iSNWyNgOLK8e4xU6Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1684
x-fb-rlafr: 0
x-fb-debug: e47d2q8ai3VwSPWAL72lsZPyQf0+y2qubRHHpTihx2OxjAO28Vt8IYenTpsoL7mcbxfuTm/rRQhmT51hhmW+OQ==
x-fb-trip-id: 720026100
x-fb-content-md5: 5c2f09210ef86dab342367589cbf804e
x-frame-options: DENY
date: Sat, 20 Aug 2022 17:52:11 GMT
vary: Accept-Encoding
x-content-cdn-origin-ts: 1661017293325
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "297f81d945387069574d456e71eff1f5"
timing-allow-origin: *
expires: Sat, 20 Aug 2022 18:01:33 GMT

GET
H/1.1 200
OK matomo.js Show response
analytics.itproductions.se/ 62 KB
63 KB 122ms
58ms Script
application/javascript 83.140.191.226
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.itproductions.se/matomo.js
Requested by: Host: www.pdfhost.net
URL: https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 83.140.191.226 , Sweden, ASN12552 (IPO-EU, SE),
Reverse DNS: 83.140.191.226.itproductions.se
Software: nginx/1.18.0 /
Resource Hash: 43af579102b8c4adff968a3a00280fc2061cc33538c7bbad1d8d6ec775f0807b

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 20 Aug 2022 17:52:11 GMT
Last-Modified: Fri, 10 Dec 2021 01:21:43 GMT
Server: nginx/1.18.0
ETag: "61b2aba7-f93c"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63804

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 174ms
55ms Script
text/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.pdfhost.net
URL: https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 67
date: Sat, 20 Aug 2022 17:51:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 20 Aug 2022 19:51:04 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 245ms
52ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.pdfhost.net
URL: https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9C) /
Resource Hash: 33558069624c6849e3bedf4ef9ead7bf4cef2afdd7ecb64758a660fa4ae5ed8d

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 20 Aug 2022 17:52:11 GMT
Content-Encoding: gzip
Age: 864
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29278
x-tw-cdn: VZ
Last-Modified: Mon, 15 Aug 2022 23:23:32 GMT
Server: ECS (amb/6B9C)
Etag: "080f1472776d4d1a972a14cea4433aeb+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H/1.1 200
OK bkg.jpg
www.pdfhost.net/ 12 KB
12 KB 84ms
29ms Image
image/jpeg 83.140.191.222
IPO-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pdfhost.net/bkg.jpg
Requested by: Host: www.pdfhost.net
URL: https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.140.191.222 , Sweden, ASN12552 (IPO-EU, SE),
Reverse DNS: web01.jag.digital
Software: Apache/2 /
Resource Hash: bea681f3d051428ed2c1026641c80a52c8c807791f1eda34dec5746e444f86e0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 20 Aug 2022 18:00:29 GMT
Last-Modified: Tue, 14 Oct 2008 13:41:27 GMT
Server: Apache/2
ETag: "2f9b-45936c5b62fc0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 12187

GET
H/1.1 200
OK tbk.jpg
www.pdfhost.net/ 11 KB
12 KB 84ms
30ms Image
image/jpeg 83.140.191.222
IPO-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pdfhost.net/tbk.jpg
Requested by: Host: www.pdfhost.net
URL: https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.140.191.222 , Sweden, ASN12552 (IPO-EU, SE),
Reverse DNS: web01.jag.digital
Software: Apache/2 /
Resource Hash: 2e7ed99ad7f3f90f30d8fac60a78c814f09088eae7b873c98cb5a0a41608c55c

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 20 Aug 2022 18:00:29 GMT
Last-Modified: Tue, 14 Oct 2008 13:41:28 GMT
Server: Apache/2
ETag: "2d1d-45936c5c57200"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 11549

POST
H/1.1 400
Bad Request matomo.php
analytics.itproductions.se/ 410 B
695 B 47ms
47ms Ping
text/html 83.140.191.226
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.itproductions.se/matomo.php?action_name=PDF%C2%A0Host&idsite=2&rec=1&r=601881&h=17&m=52&s=11&url=https%3A%2F%2Fwww.pdfhost.net%2Findex.php%3FAction%3DDownload%26File%3D9ef9cda8e1212f52f10959a5f67c57d3&_id=8aba8f44be6fcd5f&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=wrIRRj&pf_net=81&pf_srv=413&pf_tfr=0&pf_dm1=40
Requested by: Host: analytics.itproductions.se
URL: https://analytics.itproductions.se/matomo.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 83.140.191.226 , Sweden, ASN12552 (IPO-EU, SE),
Reverse DNS: 83.140.191.226.itproductions.se
Software: nginx/1.18.0 /
Resource Hash: cc283801a7ccb1ab03daf7095d0c98b5fe7e186e29c7750d9de4c52e6cd84aa1

Request headers

Referer: https://www.pdfhost.net/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

Access-Control-Allow-Origin: https://www.pdfhost.net
Date: Sat, 20 Aug 2022 17:52:11 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 63ms
62ms Image
image/gif 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1538702028&utmhn=www.pdfhost.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=PDF%C2%A0Host&utmhid=335095218&utmr=-&utmp=%2Findex.php%3FAction%3DDownload%26File%3D9ef9cda8e1212f52f10959a5f67c57d3&utmht=1661017931691&utmac=UA-24601794-1&utmcc=__utma%3D44274661.830216146.1661017932.1661017932.1661017932.1%3B%2B__utmz%3D44274661.1661017932.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=773175300&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.pdfhost.net
URL: https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Aug 2022 17:52:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 300 KB
84 KB 127ms
62ms Script
application/x-javascript 31.13.84.4
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=c33af1eaef4acd0d3dd59851dc8f132a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.84.4 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-vie1.fbcdn.net

Software

Resource Hash

d1d29962be0f9ce413f9afaee56a6cce2bb694769ea5f0670044efceaac2317f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pdfhost.net/
Origin: https://www.pdfhost.net
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: t6kUlawzkM6k6AQAktCuUA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86351
x-fb-rlafr: 0
x-fb-debug: OkZtYAALMdq6xQyyiRld6bJj4fD3zpGw5ofdbMCq7dJ8DKbjfdDGDo4QtdZrQ7nSpRvzGsFg7Qlvztc+XVwfdA==
x-fb-content-md5: 08c52b98dcbc016b54549dba8d700f0d
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 20 Aug 2022 17:52:11 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "deb26885e859d1301d94677337c18d2c"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 20 Aug 2023 17:41:33 GMT

GET
H/1.1 200
OK widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html Show response
platform.twitter.com/widgets/ Frame 4720 320 KB
104 KB 52ms
51ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html?origin=https%3A%2F%2Fwww.pdfhost.net
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BAE) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://www.pdfhost.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 342039
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Sat, 20 Aug 2022 17:52:11 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Mon, 15 Aug 2022 23:01:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BAE)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 4720 646 B
568 B 264ms
155ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=abd9903e75f19ddcde52ccd188f85663d0bfd63b

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html?origin=https%3A%2F%2Fwww.pdfhost.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

730b15098a576a4f75c50e57a648a82f3b93d7db0c86a5d4b6ff65c977a0ff33

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time: 106
date: Sat, 20 Aug 2022 17:52:11 GMT
content-encoding: gzip
last-modified: Sat, 20 Aug 2022 17:52:12 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 973c2af90f5c7485aa2f1b4f60ca9c3175071985d0913f4b546c055fc35eb754
content-length: 286

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/ 342 KB
120 KB 250ms
131ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

d3ce4eb5a5fbb2e0e51b676e40562a60d0e480aff6866bea4ea93eea0f84dcbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 17:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122958
x-xss-protection: 0
server: cafe
etag: 8319592726224795140
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Aug 2022 17:52:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220817/r20190131/ Frame 1437 10 KB
5 KB 183ms
56ms Document
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220817/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pdfhost.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 23035
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Aug 2022 11:28:17 GMT
etag: 8616628553774171045
expires: Sat, 03 Sep 2022 11:28:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK button.b1b167848c287659f2a6ccf2f75db0b5.js Show response
platform.twitter.com/js/ 7 KB
3 KB 52ms
52ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.b1b167848c287659f2a6ccf2f75db0b5.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9C) /
Resource Hash: a9729002880774b272306f1cc58eab97d1121239e882419538e5e6548ccc260e

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 20 Aug 2022 17:52:12 GMT
Content-Encoding: gzip
Age: 342040
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 2359
x-tw-cdn: VZ
Last-Modified: Mon, 15 Aug 2022 23:01:06 GMT
Server: ECS (amb/6B9C)
Etag: "ab91dc5840dfa6af606ebfda8f434b51+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK tweet_button.9d00f3a022654eb8edfbc3190e981f9d.en.html Show response
platform.twitter.com/widgets/ Frame 69EC 37 KB
14 KB 53ms
52ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.9d00f3a022654eb8edfbc3190e981f9d.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9C) /
Resource Hash: 9886e9c9284d915916906d857b9d2045318ae29bba7d360b2cad9758deb8a292

Request headers

Referer: https://www.pdfhost.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 342039
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13751
Content-Type: text/html; charset=utf-8
Date: Sat, 20 Aug 2022 17:52:12 GMT
Etag: "648fcdf5ca106424a58df2f0cdc5dab8+gzip"
Last-Modified: Mon, 15 Aug 2022 23:01:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B9C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
88 B 160ms
159ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.pdfhost.net%2Findex.php%3FAction%3DDownload%26File%3D9ef9cda8e1212f52f10959a5f67c57d3%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1661017932260%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2231f0cdc1eaa0f%3A1660602114609%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=abd9903e75f19ddcde52ccd188f85663d0bfd63b

Requested by

Host: www.pdfhost.net
URL: https://www.pdfhost.net/index.php?Action=Download&File=9ef9cda8e1212f52f10959a5f67c57d3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time: 111
date: Sat, 20 Aug 2022 17:52:11 GMT
last-modified: Sat, 20 Aug 2022 17:52:12 GMT
server: tsa_o
vary: Origin
content-type: image/gif
cache-control: must-revalidate, max-age=600
x-connection-hash: 973c2af90f5c7485aa2f1b4f60ca9c3175071985d0913f4b546c055fc35eb754
strict-transport-security: max-age=631138519
content-length: 43

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
696 B 177ms
61ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.pdfhost.net&callback=_gfp_s_&client=ca-pub-3986885209750256&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

eded1725fbce490d13e7968f44da2e64c4ba3218b65b5f4d14c4f76f437ce7cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 17:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ru/adsid/ 107 B
792 B 196ms
73ms Script
application/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ru/adsid/integrator.js?domain=www.pdfhost.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Aug 2022 17:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 192ms
64ms Script
application/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pdfhost.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Aug 2022 17:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B74C 430 B
229 B 246ms
137ms Document
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3986885209750256&output=html&h=90&slotname=9986575127&adk=2092624380&adf=3889050472&pi=t.ma~as.9986575127&w=728&lmt=1661017932&psa=0&format=728x90&url=https%3A%2F%2Fwww.pdfhost.net%2Findex.php%3FAction%3DDownload%26File%3D9ef9cda8e1212f52f10959a5f67c57d3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661017931926&bpp=3&bdt=466&idt=411&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&correlator=4463845984605&frm=20&pv=2&ga_vid=830216146.1661017932&ga_sid=1661017932&ga_hid=335095218&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068487%2C31068956%2C31069050%2C31069064%2C44771548%2C31062930%2C31068919&oid=2&pvsid=4373164419845560&tmod=1433939420&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=SJpSXAU2QZ&p=https%3A//www.pdfhost.net&dtd=434

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

0d1a8451d486b10095a7831eda8fbbdce1dca2a6c320a8fcb23a3c6e0a1599be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pdfhost.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Aug 2022 17:52:12 GMT
expires: Sat, 20 Aug 2022 17:52:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1A5D 9 KB
4 KB 333ms
242ms Document
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3986885209750256&output=html&adk=1812271804&adf=3025194257&lmt=1661017932&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.pdfhost.net%2Findex.php%3FAction%3DDownload%26File%3D9ef9cda8e1212f52f10959a5f67c57d3&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661017931940&bpp=1&bdt=480&idt=434&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=4463845984605&frm=20&pv=1&ga_vid=830216146.1661017932&ga_sid=1661017932&ga_hid=335095218&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068487%2C31068956%2C31069050%2C31069064%2C44771548%2C31062930%2C31068919&oid=2&pvsid=4373164419845560&tmod=1433939420&uas=0&nvt=1&fsapi=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=439

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

ba6e691969e04e279ba6e7c215839fd4a78595bd0ce96652cdc3aa50a5fecef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pdfhost.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 4184
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Aug 2022 17:52:12 GMT
expires: Sat, 20 Aug 2022 17:52:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 69EC 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame B471 0
3 KB 238ms
96ms Document
text/html 31.13.84.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=recommend&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cf882814ad38%26domain%3Dwww.pdfhost.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.pdfhost.net%252Ff3e9e8b9dda8314%26relation%3Dparent.parent&container_width=728&href=http%3A%2F%2Fwww.pdfhost.net%2F&layout=button_count&locale=en_US&sdk=joey&send=true&show_faces=true&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c33af1eaef4acd0d3dd59851dc8f132a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.84.36 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-vie1.facebook.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pdfhost.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Aug 2022 17:52:12 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: zYE781DyPsrxrwBrPwxCuW00pfDklriLVZqwCg4nBGDh5yr9P46/bzmiLPwolvhc9weaXDGa4ZZFtni5eoEgZQ==
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 229ms
109ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

30c757c9cb941db718122daee0737556d8a79fe8749876de8561b0f52b629baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Aug 2022 17:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11035
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 225ms
87ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 17:52:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 17:52:13 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1485 13 KB
5 KB 186ms
59ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pdfhost.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
age: 3228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 Aug 2022 16:58:25 GMT
expires: Sun, 20 Aug 2023 16:58:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5B6D 783 B
1 KB 206ms
73ms Document
text/html 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

GSE /

Resource Hash

75b45a865a5d6a275da3a44dea84625376d64978e60282628973f3ce4dacdb53

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-foNWtWy_6mnZ5AUCRaAeCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pdfhost.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-foNWtWy_6mnZ5AUCRaAeCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 20 Aug 2022 17:52:13 GMT
expires: Sat, 20 Aug 2022 17:52:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5B6D 0
0 93ms
92ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=4373164419845560&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 1485 36 KB
14 KB 58ms
58ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 11:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 11:28:59 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1485 0
10 B 58ms
57ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wulsZQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 17:52:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 96ms
95ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220817&jk=4373164419845560&bg=!ERKlElbNAAYUOm8VNDo7ACkAdvg8WnDQlKYBf51CWMn6ksS9FZmJu0I9ITXO4IqsnCfkqpj2RYiYWQIAAAB_UgAAAAJoAQcKADzMiljszWSV8z2TO9hfRVTJxThDmkmSPJuD_kqWyYmeZuZ17BNmVZ5aA_CtPR2XAcEh11J254yAjPA-eUyZAsVpYz_ss-p_yWwkr7Z2Oi1w7Q8USttE3Tp-K2CRVhyzmwQaj_arsAX-NTUg6sy5M8pJVJWYyakV7Lg_TbEmW1l43HkVt5LDBRRlzvucWUjdOyOpvHQS-mGEFuia1uzifm_ntJaarWj7CZVubqgKwRd2z2atR0DLwTI9i61gAHlj920kf_awGYDV7hTERlBuqHJxn_lqu57BsfHnDPrW_YdBFK4DfJSkTySPm65ynFGMX_09nF9mW5GZGHFRWBt9Ywx_4SfL5THrzHHspeUChSK3iXN-cA2Ms8McPUBsXxwos85ZJ_0aW-Z87dpFf6UvAwTRh4DcXY-BGhfdTdmF3WJeN72onCbmD64_lE7c65lVYSfrBpD2QrXuYKgA68_HDdCK5nukqjanqQvzjamq9_Cnhq8OrIIYgwFUU-YqQdHFhrdtYmpONjmTSWTpHsrx9v5HAzVr7pz8haZdwmz4-chNXp6uLwsCNK_4WwvQJU2Af_pd3UPjRCMTzCcaobEjTP-k_zmtKT2NOyqLzPSkCMAw4GeL0uR9t0-J9RP4e0-Kp5thlmPi7Wul-RT-PDMad8FYlX6D9vBi-NwsbkqACCg-knt535NSgzWfT2K_HEvsztqAWZejiLmhEZUxkJ9re9QYDxO8Buq5VahduXM1f_byutiTdh7IV8RqBPVj3wXfpXzakC2AXVMCDYGBlw19z5GVrj_k_yE-cpXBnltfDOc5Dhvg61CiY1Vf3S4a5b6L5iMIRtXHCEbzPXW1Bj5qo0nOcTn-fViXCFHb76Ocq9Ud1yGoANcp1aOoaheaff0yED4BIMd1dF66reUXrljesmwEWFz8l4x40p7PHIKe3iiLDgWoLWmltHmIintHCpyIVGCBkuOqu_n1yl8c7fvefwj8MTZNL2k32UUPlVHQGWelGWIHZBnGBjtKRPzhNvCQHAAjep5A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.pdfhost.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.pdfhost.net/	1970-01-20 14:49:33	Name: _pk_id.2.d0c1 Value: 8aba8f44be6fcd5f.1661017932.
.www.pdfhost.net/	1970-01-20 05:23:39	Name: _pk_ses.2.d0c1 Value: 1
.pdfhost.net/	1970-01-20 14:59:37	Name: __utma Value: 44274661.830216146.1661017932.1661017932.1661017932.1
.pdfhost.net/	1969-12-31 23:59:59	Name: __utmc Value: 44274661
.pdfhost.net/	1970-01-20 09:46:25	Name: __utmz Value: 44274661.1661017932.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.pdfhost.net/	1970-01-20 05:23:38	Name: __utmt Value: 1
.pdfhost.net/	1970-01-20 05:23:39	Name: __utmb Value: 44274661.1.10.1661017932
.pdfhost.net/	1970-01-20 14:45:13	Name: __gads Value: ID=3eb68f24ec28a51d-22d9f6cefacd0085:T=1661017932:RT=1661017932:S=ALNI_MZFAxhyNiclAKT-3UxgHfdz_FVNMw
.pdfhost.net/	1970-01-20 14:45:13	Name: __gpi Value: UID=00000ae3db11c3ef:T=1661017932:RT=1661017932:S=ALNI_MZrzMAwEpLZ6mXFqY3aXch_Yb_SaQ
.doubleclick.net/	1970-01-20 05:23:38	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://analytics.itproductions.se/matomo.php?action_name=PDF%C2%A0Host&idsite=2&rec=1&r=601881&h=17&m=52&s=11&url=https%3A%2F%2Fwww.pdfhost.net%2Findex.php%3FAction%3DDownload%26File%3D9ef9cda8e1212f52f10959a5f67c57d3&_id=8aba8f44be6fcd5f&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=wrIRRj&pf_net=81&pf_srv=413&pf_tfr=0&pf_dm1=40 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.ru
analytics.itproductions.se
connect.facebook.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
ssl.google-analytics.com
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.pdfhost.net
104.244.42.136
142.250.185.226
142.250.185.66
142.250.186.129
142.250.186.66
172.217.16.194
172.217.16.200
172.217.18.100
172.217.18.2
31.13.84.36
31.13.84.4
83.140.191.222
83.140.191.226
93.184.220.66
0857367d6af88d46596ceb59a34106483267d2761d629009f678e128a1e1d0fe
0d1a8451d486b10095a7831eda8fbbdce1dca2a6c320a8fcb23a3c6e0a1599be
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
2e7ed99ad7f3f90f30d8fac60a78c814f09088eae7b873c98cb5a0a41608c55c
30c757c9cb941db718122daee0737556d8a79fe8749876de8561b0f52b629baf
33558069624c6849e3bedf4ef9ead7bf4cef2afdd7ecb64758a660fa4ae5ed8d
43af579102b8c4adff968a3a00280fc2061cc33538c7bbad1d8d6ec775f0807b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5bdc98b95cf4fda360981036ffbfb040e1c07163ef06b40165464cb53cbb0c79
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
730b15098a576a4f75c50e57a648a82f3b93d7db0c86a5d4b6ff65c977a0ff33
75b45a865a5d6a275da3a44dea84625376d64978e60282628973f3ce4dacdb53
802b2396776294d1d5bfc718aea412330bbaafc9792d81ba81b4a0fc52e63e2d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ad8ec784542bb384c6c6337d01059da1a204d1f980e0722e2cf76eba80c8c6
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
9886e9c9284d915916906d857b9d2045318ae29bba7d360b2cad9758deb8a292
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9729002880774b272306f1cc58eab97d1121239e882419538e5e6548ccc260e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ba6e691969e04e279ba6e7c215839fd4a78595bd0ce96652cdc3aa50a5fecef5
bea681f3d051428ed2c1026641c80a52c8c807791f1eda34dec5746e444f86e0
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c6e662dd5bfcece4a2c638d9f94efb8e2ee7ebb872cc8cfc6d2ab67db8827f1d
cc283801a7ccb1ab03daf7095d0c98b5fe7e186e29c7750d9de4c52e6cd84aa1
d1d29962be0f9ce413f9afaee56a6cce2bb694769ea5f0670044efceaac2317f
d3ce4eb5a5fbb2e0e51b676e40562a60d0e480aff6866bea4ea93eea0f84dcbf
d5d7c3bb294474617ae4d1ba844d7699ea17f299d87c25ac453d19150c77d9e8
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eded1725fbce490d13e7968f44da2e64c4ba3218b65b5f4d14c4f76f437ce7cb
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

www.pdfhost.net Open in urlscan Pro 83.140.191.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

35 Requests

100 %HTTPS

0 %IPv6

11 Domains

14 Subdomains

15 IPs

4 Countries

591 kBTransfer

1527 kBSize

10 Cookies

0 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pdfhost.net Open in urlscan Pro
83.140.191.222 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

15
IPs

4
Countries

591 kB
Transfer

1527 kB
Size

10
Cookies

35 HTTP transactions
1 data transactions