www.pdfmagiconline.com Open in urlscan Pro
45.79.152.80 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.pdfmagiconline.com/
Submission: On August 30 via manual (August 30th 2023, 8:22:36 am UTC) from GB — Scanned from GB

Summary HTTP 104 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 8 countries across 23 domains to perform 104 HTTP transactions. The main IP is 45.79.152.80, located in Cedar Knolls, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is www.pdfmagiconline.com.
TLS certificate: Issued by R3 on August 17th 2023. Valid for: 3 months.

This is the only time www.pdfmagiconline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	45.79.152.80 45.79.152.80	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
12	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 11	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:48:1... 2620:1ec:48:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 6	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	104.211.35.148 104.211.35.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
2	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 3	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:78ec:3e9e:b03:b2b6	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	52.28.44.182 52.28.44.182	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
104	24

19 45.79.152.80 (Cedar Knolls, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 45-79-152-80.ip.linodeusercontent.com

www.pdfmagiconline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

12154094.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:48:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.211.35.148 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

y.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:78ec:3e9e:b03:b2b6 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.44.182 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-44-182.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.232 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	356 KB
20	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 12154094.fls.doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 242	98 KB
19	pdfmagiconline.com www.pdfmagiconline.com	3 MB
8	gstatic.com fonts.gstatic.com www.gstatic.com	86 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 100	2 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 891 y.clarity.ms — Cisco Umbrella Rank: 8365 c.clarity.ms — Cisco Umbrella Rank: 1512	22 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	5 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 817 s.tribalfusion.com — Cisco Umbrella Rank: 1944	2 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1120 www.googleadservices.com — Cisco Umbrella Rank: 150	610 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 597	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 877	2 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 458	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3135	207 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 798	793 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	113 KB
2	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3506	563 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	157 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	766 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 771	336 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 626	363 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 360	265 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 800	713 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2412	259 B
104	23

	Domain	Requested by
19	www.pdfmagiconline.com	www.pdfmagiconline.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	www.pdfmagiconline.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	cm.g.doubleclick.net	www.pdfmagiconline.com googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.googletagmanager.com googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
6	www.google.com	1 redirects www.pdfmagiconline.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	fonts.googleapis.com	www.pdfmagiconline.com googleads.g.doubleclick.net
3	y.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	www.googleadservices.com
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google.co.uk	www.pdfmagiconline.com
2	www.clarity.ms	www.pdfmagiconline.com www.clarity.ms
2	12154094.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	www.pdfmagiconline.com www.googletagmanager.com
1	c.bing.com	1 redirects
1	onetag-sys.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com	www.pdfmagiconline.com
1	adservice.google.com	12154094.fls.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
104	32

This site contains no links.

Subject Issuer	Validity	Valid
pdfmagiconline.com R3	`2023-08-17` - `2023-11-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.pdfmagiconline.com/
Frame ID: C3DEE9EA721EAE60D1B9B14B78759884
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html
Frame ID: 9898F923AD72F7B22414735DA992B8F3
Requests: 1 HTTP requests in this frame

Frame: https://12154094.fls.doubleclick.net/activityi;dc_pre=CJXisIf6g4EDFYEYaAgdYqAN_Q;src=12154094;type=remar0;cat=firea00;ord=2921276640943;auiddc=1717269685.1693383750;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pdfmagiconline.com%2F
Frame ID: 2E15BA3FAD18927C5CD1B3B4428B57E5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6495373596935145&output=html&adk=1812271804&adf=3025194257&lmt=1683815354&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.pdfmagiconline.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693383750150&bpp=4&bdt=765&idt=358&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=827323025107&frm=20&pv=2&ga_vid=688159843.1693383750&ga_sid=1693383751&ga_hid=406706359&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077317%2C31077523%2C44795921&oid=2&pvsid=1058618412334179&tmod=1325019931&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=382
Frame ID: B7735DAA0D1A28A907C3C491A473AE82
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Frame ID: EF7EE1AC553DCF126D6602E25AEA412F
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Frame ID: BE955DC3539135D662E49E89F3AF976F
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D0E0C906E6BBA2A7C3AC43BF005C3332
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8F788B09DCE2D211AEDB7AF995142410
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0FECCF786F3BC5EE069DE940520E046F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B092FB2DF7BB13FCC97A2A1D291AD86C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
Frame ID: A2E80D0EC2D9F4FDCE71835E323ACD0C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
Frame ID: 132CEDBC32D2A53143E692D054040239
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A6851729471D8C68EF2AEB7AF8CAB12
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 740D8E8D9127928FB25F03938B24DFE2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PDF Magic

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

104
Requests

90 %
HTTPS

59 %
IPv6

23
Domains

32
Subdomains

24
IPs

8
Countries

3746 kB
Transfer

5321 kB
Size

27
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://12154094.fls.doubleclick.net/activityi;src=12154094;type=remar0;cat=firea00;ord=2921276640943;auiddc=1717269685.1693383750;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pdfmagiconline.com%2F HTTP 302
https://12154094.fls.doubleclick.net/activityi;dc_pre=CJXisIf6g4EDFYEYaAgdYqAN_Q;src=12154094;type=remar0;cat=firea00;ord=2921276640943;auiddc=1717269685.1693383750;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pdfmagiconline.com%2F

Request Chain 71

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDhCEuBwqPMQjhwejGu3Gv8&google_cver=1&google_push=AXcoOmTUE6t6K1iNmS0usc5HDqTwX6V1QEnBLI8HUKjyaEC5u5UsMVcDSvktJ4vJgDIUDek8Hxti3FpLFUmgk-svgKGykL9a1mCN250&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTUE6t6K1iNmS0usc5HDqTwX6V1QEnBLI8HUKjyaEC5u5UsMVcDSvktJ4vJgDIUDek8Hxti3FpLFUmgk-svgKGykL9a1mCN250%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDhCEuBwqPMQjhwejGu3Gv8&google_cver=1&google_push=AXcoOmTUE6t6K1iNmS0usc5HDqTwX6V1QEnBLI8HUKjyaEC5u5UsMVcDSvktJ4vJgDIUDek8Hxti3FpLFUmgk-svgKGykL9a1mCN250&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTUE6t6K1iNmS0usc5HDqTwX6V1QEnBLI8HUKjyaEC5u5UsMVcDSvktJ4vJgDIUDek8Hxti3FpLFUmgk-svgKGykL9a1mCN250%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 72

https://um.simpli.fi/gp_match?google_gid=CAESEE3DqpS2hFAC6E0Y5_cClbI&google_cver=1&google_push=AXcoOmQx072aY1lUvFLoHX01shKdpf50c5zMHxVY88RDMVBVEAfCnfCJKwsoo0Fkj6fGK8wfWH_a9XhY7SbfweFcd7zOycu3xPb8oeM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EDDBDD7C7D4F48758C000416F8008199&google_push=AXcoOmQx072aY1lUvFLoHX01shKdpf50c5zMHxVY88RDMVBVEAfCnfCJKwsoo0Fkj6fGK8wfWH_a9XhY7SbfweFcd7zOycu3xPb8oeM

Request Chain 74

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENW8Z-LKiomGm0zeozWCTYk&google_cver=1&google_push=AXcoOmQwAlutAmey8xateTmHbGe2lABHWcn1VVBOPR7u2egYZJE9anzYDv-9bXJYvACmq_zkh-oLNikLbCrrHeXmhNGRMPnwywmMuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQwAlutAmey8xateTmHbGe2lABHWcn1VVBOPR7u2egYZJE9anzYDv-9bXJYvACmq_zkh-oLNikLbCrrHeXmhNGRMPnwywmMuA&google_hm=eS1XMFJiUWJwRTJwR0RxU3hac0txc0RuTktUS2tDR09CdH5B

Request Chain 81

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 82

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECgTJJ8mJluSGE4voyUPT-o&google_cver=1&google_push=AXcoOmSMCni4yuWbGUUue2G1HIfoUHF5kCK9CdSmBO8thcfs0Ga3Heiw_L8vgs3mjCC8al3zuxtfxBmf49rnTeH-5HWAnYJHV_1-zQ HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSMCni4yuWbGUUue2G1HIfoUHF5kCK9CdSmBO8thcfs0Ga3Heiw_L8vgs3mjCC8al3zuxtfxBmf49rnTeH-5HWAnYJHV_1-zQ&google_hm=eWWFarmPiIWoDy23Id89xg

Request Chain 84

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDlDvQs3I9_Rgk7H2GQflfk&google_cver=1&google_push=AXcoOmRru-hsIvRyZbUXpUW6ZnzCmgvP4rrx2woPPlvdaRcPPpwzgpmpj8RbNnrpUl1a9PSO8g-Sl5AYy43VgEprJJ5GITQPpFDj HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDlDvQs3I9_Rgk7H2GQflfk&google_cver=1&google_push=AXcoOmRru-hsIvRyZbUXpUW6ZnzCmgvP4rrx2woPPlvdaRcPPpwzgpmpj8RbNnrpUl1a9PSO8g-Sl5AYy43VgEprJJ5GITQPpFDj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZlU5UTZZc0oxUUJndGE1&google_gid=CAESEDlDvQs3I9_Rgk7H2GQflfk&google_cver=1&google_push=AXcoOmRru-hsIvRyZbUXpUW6ZnzCmgvP4rrx2woPPlvdaRcPPpwzgpmpj8RbNnrpUl1a9PSO8g-Sl5AYy43VgEprJJ5GITQPpFDj

Request Chain 86

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENW8Z-LKiomGm0zeozWCTYk&google_cver=1&google_push=AXcoOmQ_SgGQAxJA5x2_VUjVWdejPtm3z4h3F9ncZKP4tNqJjFy6rqgyWQrV4NXD-Vm0EvoFJMskB8bjARZaWtZ22DKNXEYBS_T7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ_SgGQAxJA5x2_VUjVWdejPtm3z4h3F9ncZKP4tNqJjFy6rqgyWQrV4NXD-Vm0EvoFJMskB8bjARZaWtZ22DKNXEYBS_T7&google_hm=eS1XMFJiUWJwRTJwR0RxU3hac0txc0RuTktUS2tDR09CdH5B

Request Chain 87

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFX9O_DZIbJUO1-_m512Nqo&google_cver=1&google_push=AXcoOmQlxEZEp6RxcQSvZL7zZGo2IUuGsRdRBtz_k4PhbxfpW6Lgay2-cbcmf_n-SDzGDGOrPew4Bt0VlpOyHcnY1IKakg4uZRe_ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFX9O_DZIbJUO1-_m512Nqo&google_cver=1&google_push=AXcoOmQlxEZEp6RxcQSvZL7zZGo2IUuGsRdRBtz_k4PhbxfpW6Lgay2-cbcmf_n-SDzGDGOrPew4Bt0VlpOyHcnY1IKakg4uZRe_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA2NDM4NDU1MjE0ODYyMjYwNQ&google_push=AXcoOmQlxEZEp6RxcQSvZL7zZGo2IUuGsRdRBtz_k4PhbxfpW6Lgay2-cbcmf_n-SDzGDGOrPew4Bt0VlpOyHcnY1IKakg4uZRe_

Request Chain 88

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECv4i7EqamF2Qp6pQYIw5Q4&google_cver=1&google_push=AXcoOmQ3yD1TaXg1kGnTy07K-J9WGgnVxQvXDEwsiyoWZC4uiJtrtNr9IJZI4G1pa5FgkXoYMQ_V-yEBkLYSe5wy1DAi7_Hi8TdP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ3yD1TaXg1kGnTy07K-J9WGgnVxQvXDEwsiyoWZC4uiJtrtNr9IJZI4G1pa5FgkXoYMQ_V-yEBkLYSe5wy1DAi7_Hi8TdP

Request Chain 90

https://googleads.g.doubleclick.net/pagead/adview?ai=CS3EfRvzuZNmhKLKqtOUP46mb-ASsge3Xcui3lsK-EQoQASCu1Z6UAWC7vpaD0AqgAZT2rKwoyAEBqAMByAPLBKoE2wFP0MInURzbRSOXV4bdW-wSafkkB8-9HjNXCgzJYPJk9Q2ALcTQGY5qAwXD42axW0Lc0UNxuBb_vSb-km3Vk7kFR9yMlSJdCrM2A9wvhEtZfETKTo6ePitNmTc8jOWRVS1NxPNmljbnO1GQoC58764d4alhLkT6bxkS_39ZdmB99HcxRUsSILg3Fwko-LRTucVfk5lBdtsqy911yIQjhuneLPZRMXAmInEq-i-WopOKm4-8G3Ky2P1P25Wq7Tj2nSIu6HX_mOiQKKn93-LVr6lwxNcd5iFrJMVw5r7ABOC3zI_SBIgF4NHpp0ySBQQIBBgBkgUECAUYBIAHlK79iwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRC6qeIB0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJMWh0dHBzOi8vd3d3LmdlZWtvbS5jby51ay9nZWVrb20tbWluaS1pdDEyLW1pbmktcGOACgHICwHYEwyIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNjQ5NTM3MzU5NjkzNTE0NRgA&sigh=ZsI7CeTkciU&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWfEB8sQv5uN_5uJfVaR4CznUbp4bPfcOLUnxTqOjLU7I_Y7-lGAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210274969082815810757%22,%22debug_reporting%22:true,%22destination%22:%22https://geekom.co.uk%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210830428948%22],%224%22:[%2208-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214078550085744991649%22}&andc=true

Request Chain 92

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=815ED0EA00944987B753997575816E82&RedC=c.clarity.ms&MXFR=32AB05ACE08064133AC216D1E4806A6B HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=815ED0EA00944987B753997575816E82&MUID=1BBDED7656C66A0B085FFE0B576A6BF4

104 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.pdfmagiconline.com/ 19 KB
4 KB 634ms
334ms Document
text/html 45.79.152.80
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pdfmagiconline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.152.80 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-152-80.ip.linodeusercontent.com
Software: Nginx /
Resource Hash: 97eeba5d62569a131234a1828195f0fe59bb40a4f264aefcd89433b46a710416

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: public, max-age=900
content-encoding: gzip
content-length: 3669
content-type: text/html
date: Wed, 30 Aug 2023 08:22:29 GMT
last-modified: Thu, 11 May 2023 15:29:14 GMT
server: Nginx
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: MISS from squid-ip-10-14-20-156
x-cache-lookup: MISS from squid-ip-10-14-20-156:80

GET
H2 200 flexboxgrid.min.css
www.pdfmagiconline.com/css/ 12 KB
2 KB 351ms
350ms Stylesheet
text/css 45.79.152.80
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pdfmagiconline.com/css/flexboxgrid.min.css
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.152.80 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-152-80.ip.linodeusercontent.com
Software: Nginx /
Resource Hash: ffcfac539e9acab2466a11bd9a671468d12085b6af69c786c9b91da8ef7a2a4d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:29 GMT
content-encoding: gzip
x-cache-lookup: MISS from ip-10-14-10-53.ec2.internal:80
last-modified: Thu, 11 May 2023 15:29:14 GMT
server: Nginx
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: MISS from ip-10-14-10-53.ec2.internal
content-type: text/css
cache-control: public, max-age=900
content-length: 1649

GET
H2 200 style.css
www.pdfmagiconline.com/ 19 KB
4 KB 156ms
155ms Stylesheet
text/css 45.79.152.80
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pdfmagiconline.com/style.css
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.152.80 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-152-80.ip.linodeusercontent.com
Software: Nginx /
Resource Hash: 1a904bcf59f6ef11185075a0a6661e63396b7531d1ed3e01bbd6f0a056a0e318

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:29 GMT
content-encoding: gzip
x-cache-lookup: MISS from squid-ip-10-14-20-156:80
last-modified: Thu, 11 May 2023 15:29:14 GMT
server: Nginx
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: MISS from squid-ip-10-14-20-156
content-type: text/css
cache-control: public, max-age=900

GET
H2 200 blog.css
www.pdfmagiconline.com/blog/css/ 7 KB
2 KB 608ms
608ms Stylesheet
text/css 45.79.152.80
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pdfmagiconline.com/blog/css/blog.css
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.152.80 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-152-80.ip.linodeusercontent.com
Software: Nginx /
Resource Hash: f715d4f7b6d475a6672544dc179172444da731d89be3716beeff960948377bdf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:29 GMT
content-encoding: gzip
x-cache-lookup: MISS from squid-ip-10-14-20-156:80
last-modified: Thu, 11 May 2023 15:29:12 GMT
server: Nginx
x-amz-server-side-encryption: AES256
x-cache: MISS from squid-ip-10-14-20-156
content-type: text/css
cache-control: public, max-age=900
accept-ranges: bytes
content-length: 2160

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 232ms
112ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6495373596935145

Requested by

Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc9270b7e1ade019077ba995ddd516f1575fe0d770f273c907748db023f3fdde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pdfmagiconline.com/
Origin: https://www.pdfmagiconline.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51083
x-xss-protection: 0
server: cafe
etag: 2477602469704004326
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:22:29 GMT

GET
H2 200 responsive.css
www.pdfmagiconline.com/css/ 4 KB
825 B 431ms
431ms Stylesheet
text/css 45.79.152.80
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pdfmagiconline.com/css/responsive.css
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.152.80 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-152-80.ip.linodeusercontent.com
Software: Nginx /
Resource Hash: 162923bda88e2e0138d0a27d83489a6325d6c6e0007b214bef513839303260c2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:29 GMT
content-encoding: gzip
x-cache-lookup: MISS from squid-ip-10-14-20-156:80
last-modified: Thu, 11 May 2023 15:29:14 GMT
server: Nginx
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: MISS from squid-ip-10-14-20-156
content-type: text/css
cache-control: public, max-age=900
accept-ranges: bytes
content-length: 790

GET
H2 200 helper.js Show response
www.pdfmagiconline.com/js/ 6 KB
2 KB 161ms
161ms Script
application/javascript 45.79.152.80
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pdfmagiconline.com/js/helper.js?var=2023_05_11_03
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.152.80 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-152-80.ip.linodeusercontent.com
Software: Nginx /
Resource Hash: e3a07a4d0dde9642aa06e39797ff36c1817256ff0377ea990c7b71e10e1f4d49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:29 GMT
content-encoding: gzip
x-cache-lookup: MISS from squid-ip-10-14-30-94:80
last-modified: Thu, 11 May 2023 15:29:14 GMT
server: Nginx
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: MISS from squid-ip-10-14-30-94
content-type: application/javascript
cache-control: public, max-age=900
accept-ranges: bytes
content-length: 2395

GET
H2 200 logo.png
www.pdfmagiconline.com/img/ 5 KB
5 KB 364ms
364ms Image
image/png 45.79.152.80
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pdfmagiconline.com/img/logo.png
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.152.80 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-152-80.ip.linodeusercontent.com
Software: Nginx /
Resource Hash: 6684feb3c940a480fd3050407446078cd0858f06868287a48f0616f8a5649c1b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:30 GMT
x-cache-lookup: MISS from squid-ip-10-14-30-94:80
last-modified: Thu, 11 May 2023 15:29:14 GMT
server: Nginx
x-amz-server-side-encryption: AES256
x-cache: MISS from squid-ip-10-14-30-94
content-type: image/png
cache-control: public, max-age=900
accept-ranges: bytes
content-length: 4815

GET
H2 200 hero.png
www.pdfmagiconline.com/img/ 28 KB
28 KB 536ms
535ms Image
image/png 45.79.152.80
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pdfmagiconline.com/img/hero.png
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.152.80 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-152-80.ip.linodeusercontent.com
Software: Nginx /
Resource Hash: de6e0efa7821954c8cfdf9f793b68b73b6004a49b3b37b00b4891bbb9b12f977

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:30 GMT
x-cache-lookup: MISS from squid-ip-10-14-30-94:80
last-modified: Thu, 11 May 2023 15:29:14 GMT
server: Nginx
x-amz-server-side-encryption: AES256
x-cache: MISS from squid-ip-10-14-30-94
content-type: image/png
cache-control: public, max-age=900
accept-ranges: bytes
content-length: 28252

GET
H2 200 10%20Big%20Financial%20Problems%20Private%20Schools%20Will%20Face%20In%202022.jpg
www.pdfmagiconline.com/blog/images/ 222 KB
222 KB 321ms
319ms Image
image/jpeg 45.79.152.80
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pdfmagiconline.com/blog/images/10%20Big%20Financial%20Problems%20Private%20Schools%20Will%20Face%20In%202022.jpg
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.152.80 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-152-80.ip.linodeusercontent.com
Software: Nginx /
Resource Hash: eab4f8bdbf622a34fedec99e2374ee1424f26dd8ae677627b648a0fcfe457941

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:30 GMT
x-cache-lookup: MISS from ip-10-14-10-53.ec2.internal:80
last-modified: Thu, 11 May 2023 15:29:13 GMT
server: Nginx
x-amz-server-side-encryption: AES256
x-cache: MISS from ip-10-14-10-53.ec2.internal
content-type: image/jpeg
cache-control: public, max-age=900
accept-ranges: bytes
content-length: 227369

GET
H2 200 b-arrow.svg
www.pdfmagiconline.com/img/ 646 B
691 B 535ms
533ms Image
image/svg+xml 45.79.152.80
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pdfmagiconline.com/img/b-arrow.svg
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.152.80 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-152-80.ip.linodeusercontent.com
Software: Nginx /
Resource Hash: e048295f3e7b9e93551afaaf228070b944a099ab0d2afb4ed71fecae50ceffbc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:30 GMT
x-cache-lookup: MISS from squid-ip-10-14-30-94:80
last-modified: Thu, 11 May 2023 15:29:14 GMT
server: Nginx
x-amz-server-side-encryption: AES256
x-cache: MISS from squid-ip-10-14-30-94
content-type: image/svg+xml
cache-control: public, max-age=900
accept-ranges: bytes
content-length: 646

GET
H2 200 10%20Factors%20That%20Will%20Have%20an%20Effect%20on%20the%20Cost%20of%20Your%20Life%20Insurance%20Premium.jpg
www.pdfmagiconline.com/blog/images/ 185 KB
185 KB 646ms
644ms Image
image/jpeg 45.79.152.80
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pdfmagiconline.com/blog/images/10%20Factors%20That%20Will%20Have%20an%20Effect%20on%20the%20Cost%20of%20Your%20Life%20Insurance%20Premium.jpg
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.152.80 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-152-80.ip.linodeusercontent.com
Software: Nginx /
Resource Hash: d52ed4a45590433affb0ec4f009320cba97774063146f86816b424ca7f709933

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:30 GMT
x-cache-lookup: MISS from squid-ip-10-14-20-156:80
last-modified: Thu, 11 May 2023 15:29:13 GMT
server: Nginx
x-amz-server-side-encryption: AES256
x-cache: MISS from squid-ip-10-14-20-156
content-type: image/jpeg
cache-control: public, max-age=900
accept-ranges: bytes
content-length: 189010

GET
H2 200 10%20Tax%20Breaks%20For%20Seniors%20You%20May%20Not%20Be%20Aware%20Of.jpg
www.pdfmagiconline.com/blog/images/ 205 KB
205 KB 647ms
644ms Image
image/jpeg 45.79.152.80
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pdfmagiconline.com/blog/images/10%20Tax%20Breaks%20For%20Seniors%20You%20May%20Not%20Be%20Aware%20Of.jpg
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.152.80 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-152-80.ip.linodeusercontent.com
Software: Nginx /
Resource Hash: 94a5e5af53bdc295634bea1d47fb682eb846142aaf1bc68e7c363ca24c461f4b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:30 GMT
x-cache-lookup: MISS from ip-10-14-10-53.ec2.internal:80
last-modified: Thu, 11 May 2023 15:29:13 GMT
server: Nginx
x-amz-server-side-encryption: AES256
x-cache: MISS from ip-10-14-10-53.ec2.internal
content-type: image/jpeg
cache-control: public, max-age=900
accept-ranges: bytes
content-length: 209456

GET
H2 200 5%20Categories%20Of%20Businesses%20Requiring%20Public%20Liability%20Insurance.jpg
www.pdfmagiconline.com/blog/images/ 166 KB
166 KB 203ms
200ms Image
image/jpeg 45.79.152.80
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pdfmagiconline.com/blog/images/5%20Categories%20Of%20Businesses%20Requiring%20Public%20Liability%20Insurance.jpg
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.152.80 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-152-80.ip.linodeusercontent.com
Software: Nginx /
Resource Hash: a75d8592e87e98d2f925cd77c1bc3229cd4bb9bfa26623df84eea663dde29782

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:30 GMT
x-cache-lookup: MISS from ip-10-14-10-53.ec2.internal:80
last-modified: Thu, 11 May 2023 15:29:13 GMT
server: Nginx
x-amz-server-side-encryption: AES256
x-cache: MISS from ip-10-14-10-53.ec2.internal
content-type: image/jpeg
cache-control: public, max-age=900
accept-ranges: bytes
content-length: 169972

GET
H2 200 5%20Essential%20Tips%20For%20Buying%20A%20Family%20Car.jpg
www.pdfmagiconline.com/blog/images/ 532 KB
533 KB 652ms
650ms Image
image/jpeg 45.79.152.80
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pdfmagiconline.com/blog/images/5%20Essential%20Tips%20For%20Buying%20A%20Family%20Car.jpg
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.152.80 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-152-80.ip.linodeusercontent.com
Software: Nginx /
Resource Hash: 5161dad6da948d9bc1a98b045204d6ff89c797303c755827774db950c8beb07e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:30 GMT
x-cache-lookup: MISS from squid-ip-10-14-30-94:80
last-modified: Thu, 11 May 2023 15:29:13 GMT
server: Nginx
x-amz-server-side-encryption: AES256
x-cache: MISS from squid-ip-10-14-30-94
content-type: image/jpeg
cache-control: public, max-age=900
accept-ranges: bytes
content-length: 544845

GET
H2 200 5%20Frequent%20Errors%20People%20Make%20When%20Planning%20Their%20Retirement.jpg
www.pdfmagiconline.com/blog/images/ 200 KB
200 KB 653ms
651ms Image
image/jpeg 45.79.152.80
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pdfmagiconline.com/blog/images/5%20Frequent%20Errors%20People%20Make%20When%20Planning%20Their%20Retirement.jpg
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.152.80 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-152-80.ip.linodeusercontent.com
Software: Nginx /
Resource Hash: 13a082799552d0fbf3b86a81319b5ae5e09cc0d069218f31cc706b9f4d4e9bfe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:30 GMT
x-cache-lookup: MISS from squid-ip-10-14-20-156:80
last-modified: Thu, 11 May 2023 15:29:13 GMT
server: Nginx
x-amz-server-side-encryption: AES256
x-cache: MISS from squid-ip-10-14-20-156
content-type: image/jpeg
cache-control: public, max-age=900
accept-ranges: bytes
content-length: 204635

GET
H2 200 5%20Methods%20To%20Confirm%20The%20Truthfulness%20Of%20Your%20Auto%20Insurance%20Policy.jpg
www.pdfmagiconline.com/blog/images/ 117 KB
117 KB 653ms
652ms Image
image/jpeg 45.79.152.80
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pdfmagiconline.com/blog/images/5%20Methods%20To%20Confirm%20The%20Truthfulness%20Of%20Your%20Auto%20Insurance%20Policy.jpg
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.152.80 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-152-80.ip.linodeusercontent.com
Software: Nginx /
Resource Hash: 7e7ff84655df1d4f7c2338e4ed712f26df17806ad5b3a3ff62c0637fb04b2c21

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:30 GMT
x-cache-lookup: MISS from squid-ip-10-14-30-94:80
last-modified: Thu, 11 May 2023 15:29:13 GMT
server: Nginx
x-amz-server-side-encryption: AES256
x-cache: MISS from squid-ip-10-14-30-94
content-type: image/jpeg
cache-control: public, max-age=900
accept-ranges: bytes
content-length: 119299

GET
H2 200 5%20Penalties%20For%20An%20Incompetent%20Tax%20Preparer.jpg
www.pdfmagiconline.com/blog/images/ 146 KB
146 KB 653ms
652ms Image
image/jpeg 45.79.152.80
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pdfmagiconline.com/blog/images/5%20Penalties%20For%20An%20Incompetent%20Tax%20Preparer.jpg
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.152.80 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-152-80.ip.linodeusercontent.com
Software: Nginx /
Resource Hash: 45c78a598de661192bdaba2fcff24d8ecf75aa3fb6c72954dc673ca63ee585e9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:30 GMT
x-cache-lookup: MISS from ip-10-14-10-53.ec2.internal:80
last-modified: Thu, 11 May 2023 15:29:13 GMT
server: Nginx
x-amz-server-side-encryption: AES256
x-cache: MISS from ip-10-14-10-53.ec2.internal
content-type: image/jpeg
cache-control: public, max-age=900
accept-ranges: bytes
content-length: 149786

GET
H2 200 5%20Reasons%20To%20Notify%20Your%20Insurance%20Provider%20Of%20A%20Car%20Accident.jpg
www.pdfmagiconline.com/blog/images/ 146 KB
147 KB 990ms
989ms Image
image/jpeg 45.79.152.80
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pdfmagiconline.com/blog/images/5%20Reasons%20To%20Notify%20Your%20Insurance%20Provider%20Of%20A%20Car%20Accident.jpg
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.152.80 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-152-80.ip.linodeusercontent.com
Software: Nginx /
Resource Hash: 45c78a598de661192bdaba2fcff24d8ecf75aa3fb6c72954dc673ca63ee585e9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:30 GMT
x-cache-lookup: MISS from squid-ip-10-14-30-94:80
last-modified: Thu, 11 May 2023 15:29:13 GMT
server: Nginx
x-amz-server-side-encryption: AES256
x-cache: MISS from squid-ip-10-14-30-94
content-type: image/jpeg
cache-control: public, max-age=900
accept-ranges: bytes
content-length: 149786

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
744 B 176ms
62ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Gochi+Hand&family=Montserrat:wght@400;600;700&display=swap

Requested by

Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2e620bed228eb2a391b2dad68c2f0add5e118a11da8a0b0f151d4a46c32a8fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 08:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 08:22:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 08:22:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
831 B 175ms
61ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Requested by

Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9013a737d5a92af5fa83b598cbd897ca98275812fea86e8434bd96daa2c0eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 08:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 08:13:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 08:22:29 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 212 KB
76 KB 183ms
68ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T5H8VWH

Requested by

Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

536a0be786c234c162ce70056975670440f2bdaa8649f92712e84654b74d9fb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77059
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Aug 2023 08:22:30 GMT

GET
H2 200 main-bg.png
www.pdfmagiconline.com/img/ 937 KB
937 KB 316ms
316ms Image
image/png 45.79.152.80
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pdfmagiconline.com/img/main-bg.png
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.152.80 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 45-79-152-80.ip.linodeusercontent.com
Software: Nginx /
Resource Hash: f10f117353bad780ddb988cafcfd7282304369d1a9d11adde07a9ab8783796cc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:30 GMT
x-cache-lookup: MISS from ip-10-14-10-53.ec2.internal:80
last-modified: Thu, 11 May 2023 15:29:14 GMT
server: Nginx
x-amz-server-side-encryption: AES256
x-cache: MISS from ip-10-14-10-53.ec2.internal
content-type: image/png
cache-control: public, max-age=900
accept-ranges: bytes
content-length: 959224

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 168ms
52ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pdfmagiconline.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 02:30:15 GMT
x-content-type-options: nosniff
age: 366735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 02:30:15 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 219ms
104ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pdfmagiconline.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:38:46 GMT
x-content-type-options: nosniff
age: 535424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Aug 2024 03:38:46 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ 387 KB
131 KB 236ms
130ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6495373596935145&plah=www.pdfmagiconline.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6495373596935145

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4196110c6a5fd6417e81bd77fb11f2ececf40d01233c0af0455bc4714542fa09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134171
x-xss-protection: 0
server: cafe
etag: 9073435222376725940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:22:30 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/ Frame 9898 10 KB
5 KB 165ms
52ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6495373596935145

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pdfmagiconline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 51664
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 18:01:26 GMT
etag: 9878862242593084568
expires: Tue, 12 Sep 2023 18:01:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10807373594/ 3 KB
2 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10807373594/?random=1693383750346&cv=11&fst=1693383750346&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pdfmagiconline.com%2F&hn=www.googleadservices.com&frm=0&tiba=PDF%20Magic&auid=1717269685.1693383750&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5H8VWH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c31e917a7821ea96dd3b281a081bb44a246741abb45655eed6ccd53e564d230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/478325657/ 3 KB
1 KB 257ms
257ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/478325657/?random=1693383750349&cv=11&fst=1693383750349&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pdfmagiconline.com%2F&hn=www.googleadservices.com&frm=0&tiba=PDF%20Magic&auid=1717269685.1693383750&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5H8VWH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4456151a0f614d456dd29c995fa1c8a528754fbab94faf229cb320663a68e929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CJXisIf6g4EDFYEYaAgdYqAN_Q;src=12154094;type=remar0;cat=firea00;ord=2921276640943;auiddc=1717269685.1693383750;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~o... Show response
12154094.fls.doubleclick.net/ Frame 2E15
Redirect Chain

https://12154094.fls.doubleclick.net/activityi;src=12154094;type=remar0;cat=firea00;ord=2921276640943;auiddc=1717269685.1693383750;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2...
https://12154094.fls.doubleclick.net/activityi;dc_pre=CJXisIf6g4EDFYEYaAgdYqAN_Q;src=12154094;type=remar0;cat=firea00;ord=2921276640943;auiddc=1717269685.1693383750;gtm=45He38s0;uaa=;uab=;uafvl=;ua...

456 B
601 B

169ms
168ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12154094.fls.doubleclick.net/activityi;dc_pre=CJXisIf6g4EDFYEYaAgdYqAN_Q;src=12154094;type=remar0;cat=firea00;ord=2921276640943;auiddc=1717269685.1693383750;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pdfmagiconline.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5H8VWH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

a36b324fd28b8bd7d7afc914e78dafbc13b54d666872423b4220b23b471af5a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pdfmagiconline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 263
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 08:22:30 GMT
expires: Wed, 30 Aug 2023 08:22:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 08:22:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12154094.fls.doubleclick.net/activityi;dc_pre=CJXisIf6g4EDFYEYaAgdYqAN_Q;src=12154094;type=remar0;cat=firea00;ord=2921276640943;auiddc=1717269685.1693383750;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pdfmagiconline.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 byc365qbzp Show response
www.clarity.ms/tag/ 650 B
1017 B 315ms
151ms Script
application/x-javascript 2620:1ec:48:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/byc365qbzp?ref=gtm2
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9639c605628c48546859244994ac173b9f296054bfcfa52cb5f41fa0cf54d4ea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
date: Wed, 30 Aug 2023 08:22:30 GMT
x-azure-ref: 0RvzuZAAAAAAWH1pDWk4WQYoch3JLKCvsRlJBMjMxMDUwNDE3MDI5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 650
expires: -1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
81 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QPHPMBL24P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5H8VWH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b0692ce1abedc22252b6d2aa5b055789850b18039c5bbc5ad7ab2003f77b893

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82867
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 08:22:30 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10807373594/ 42 B
455 B 178ms
64ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10807373594/?random=1693383750346&cv=11&fst=1693382400000&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pdfmagiconline.com%2F&frm=0&tiba=PDF%20Magic&fmt=3&is_vtc=1&random=1585993175&rmt_tld=0&ipr=y

Requested by

Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/10807373594/ 42 B
455 B 192ms
74ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/10807373594/?random=1693383750346&cv=11&fst=1693382400000&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pdfmagiconline.com%2F&frm=0&tiba=PDF%20Magic&fmt=3&is_vtc=1&random=1585993175&rmt_tld=1&ipr=y

Requested by

Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 181ms
62ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QPHPMBL24P&gtm=45je38s0&_p=406706359&cid=688159843.1693383750&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693383750&sct=1&seg=0&dl=https%3A%2F%2Fwww.pdfmagiconline.com%2F&dt=PDF%20Magic&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QPHPMBL24P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pdfmagiconline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
610 B 183ms
64ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.pdfmagiconline.com&callback=_gfp_s_&client=ca-pub-6495373596935145

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6495373596935145&plah=www.pdfmagiconline.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

782587bc7c1ac5b6dd3419460c7c879513de567e9fcb6fd75f2a8986d23a057f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B773 308 KB
78 KB 1267ms
1267ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6495373596935145&output=html&adk=1812271804&adf=3025194257&lmt=1683815354&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.pdfmagiconline.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693383750150&bpp=4&bdt=765&idt=358&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=827323025107&frm=20&pv=2&ga_vid=688159843.1693383750&ga_sid=1693383751&ga_hid=406706359&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077317%2C31077523%2C44795921&oid=2&pvsid=1058618412334179&tmod=1325019931&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=382

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71ee3caeb6511384601336b6d3b346fbc2ed7fd4ac539b80ae2cea4a646d8ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pdfmagiconline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 80284
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 08:22:31 GMT
expires: Wed, 30 Aug 2023 08:22:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/478325657/ 42 B
108 B 66ms
66ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/478325657/?random=1693383750349&cv=11&fst=1693382400000&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pdfmagiconline.com%2F&frm=0&tiba=PDF%20Magic&fmt=3&is_vtc=1&random=2818231672&rmt_tld=0&ipr=y

Requested by

Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/478325657/ 42 B
108 B 67ms
67ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/478325657/?random=1693383750349&cv=11&fst=1693382400000&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pdfmagiconline.com%2F&frm=0&tiba=PDF%20Magic&fmt=3&is_vtc=1&random=2818231672&rmt_tld=1&ipr=y

Requested by

Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.10/ 57 KB
20 KB 58ms
57ms Script
application/javascript 2620:1ec:48:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.10/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/byc365qbzp?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:30 GMT
content-encoding: br
last-modified: Tue, 29 Aug 2023 10:42:07 GMT
etag: "0x8DBA87C97B38534"
x-azure-ref: 0RvzuZAAAAAAAvQfKjkxqTYAMfj4jY2+dRlJBMjMxMDUwNDE3MDI5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: e7a98b97-c01e-0059-2571-daa958000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
302 B 438ms
139ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.pdfmagiconline.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.pdfmagiconline.com
Date: Wed, 30 Aug 2023 08:22:31 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 dc_pre=CJXisIf6g4EDFYEYaAgdYqAN_Q;src=12154094;type=remar0;cat=firea00;ord=2921276640943;auiddc=*;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pdfmagic...
adservice.google.com/ddm/fls/z/ Frame 2E15 42 B
401 B 253ms
128ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJXisIf6g4EDFYEYaAgdYqAN_Q;src=12154094;type=remar0;cat=firea00;ord=2921276640943;auiddc=*;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pdfmagiconline.com%2F

Requested by

Host: 12154094.fls.doubleclick.net
URL: https://12154094.fls.doubleclick.net/activityi;dc_pre=CJXisIf6g4EDFYEYaAgdYqAN_Q;src=12154094;type=remar0;cat=firea00;ord=2921276640943;auiddc=1717269685.1693383750;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pdfmagiconline.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://12154094.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ 154 KB
52 KB 133ms
133ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c68017261fd755792e040870b16d8dfb80b2b82f4cd8514e507901e3a7b0e4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53649
x-xss-protection: 0
server: cafe
etag: 12804365937688029633
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:22:31 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/ Frame EF7E 10 KB
4 KB 53ms
52ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pdfmagiconline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 61667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 15:14:45 GMT
etag: 9878862242593084568
expires: Tue, 12 Sep 2023 15:14:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/ Frame BE95 10 KB
4 KB 53ms
52ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pdfmagiconline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 61667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 15:14:45 GMT
etag: 9878862242593084568
expires: Tue, 12 Sep 2023 15:14:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame EF7E 4 KB
767 B 63ms
62ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 08:22:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 06:23:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 08:22:32 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EF7E 205 B
520 B 238ms
121ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:41:38 GMT
x-content-type-options: nosniff
age: 132054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 27 Aug 2024 19:41:38 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EF7E 604 B
695 B 239ms
122ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:38:06 GMT
x-content-type-options: nosniff
age: 53066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 28 Aug 2024 17:38:06 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame EF7E 15 KB
7 KB 170ms
55ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

328cb29271341963f1503c02d0d00d7d67f60396961e4fdac73b74ebbe16d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:07:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6521
x-xss-protection: 0
server: cafe
etag: 18225085782652855565
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 14:07:06 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame EF7E 20 KB
8 KB 174ms
59ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:07:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 14:07:06 GMT

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
302 B 130ms
129ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.pdfmagiconline.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.pdfmagiconline.com
Date: Wed, 30 Aug 2023 08:22:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame BE95 9 KB
4 KB 216ms
111ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 14:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 14:39:46 GMT

GET
H2 200 b293f88652ab0f749d3615e759df59dc.js Show response
www.gstatic.com/mysidia/ Frame BE95 11 KB
5 KB 221ms
116ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b293f88652ab0f749d3615e759df59dc.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 14:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4722
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 21:43:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 14:52:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BE95 14 KB
1 KB 64ms
62ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 08:22:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 08:17:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 08:22:32 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame BE95 2 KB
926 B 240ms
139ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 14:00:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame BE95 23 KB
9 KB 216ms
115ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame BE95 3 KB
1 KB 226ms
126ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 07:18:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 07:18:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame BE95 20 KB
8 KB 170ms
70ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:55:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:55:11 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BE95 0
0 62ms
60ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUudfUVq0j87pDOkl60Q7jzwZUNHGQwC3mrvgMRtfO7lo1Exsmd6FNW1MYzVgpkUkcl93cX-c6NQ3Dp9yspNRGY3BXXw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BE95 181 KB
57 KB 64ms
62ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:22:32 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame BE95 36 KB
15 KB 156ms
53ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 01:09:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D0E0 14 KB
1 KB 63ms
62ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 08:22:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 08:02:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 08:22:32 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame D0E0 2 KB
973 B 161ms
138ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 14:00:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame D0E0 23 KB
9 KB 150ms
129ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame D0E0 3 KB
1 KB 148ms
127ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 07:18:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 07:18:40 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8F78 1 KB
643 B 53ms
52ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 76113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 11:13:59 GMT
etag: 48472445140208031
expires: Wed, 30 Aug 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame D0E0 20 KB
8 KB 126ms
106ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:55:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:55:11 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D0E0 0
0 61ms
60ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSsKoNQjKyIvYJqaaJcDp7A9MHh1oXtNi3xwLVQqzClrgWtAbuxr0OEp3s-iKukNQuvwfXxh-tLqWYDeWFHdeW9yOfjrg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D0E0 181 KB
56 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:22:32 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame D0E0 36 KB
15 KB 87ms
67ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 01:09:15 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8F78 35 B
463 B 186ms
56ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECgTJJ8mJluSGE4voyUPT-o&google_cver=1&google_push=AXcoOmR8L7JukCq6NbwR8t9wlRmmVv3XUzvEOUj9pM4tRNM-muO8hXI-fMNOAE9M6BaYw_FIpu6uRBbGmn5sojTBVIwO7B6pKsSQIZE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:32 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 8F78 0
104 B 245ms
94ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEB3ksyYb2wniN8XUlSprxEY&google_cver=1&google_push=AXcoOmQGK1j5ZL1SSVp_D3P91hckDS3t4HLGmm_AKQoHO5gZHMUgEDQ1YguNhkHRXECQ8dvO8HkCymVPIGTmnxwuRJfvZDa3E36cGgg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:32 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 8F78
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDhCEuBwqPMQjhwejGu3Gv8&google_cver=1&google_push=AXcoOmTUE6t6K1iNmS0usc5HDqTwX6V1QEnBLI8HUKjyaEC5u5UsMVcDSvktJ4vJgDIUDek8Hxti3FpLFUmgk-svgKGykL9a1mCN2...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDhCEuBwqPMQjhwejGu3Gv8&google_cver=1&google_push=AXcoOmTUE6t6K1iNmS0usc5HDqTwX6V1QEnBLI8HUKjyaEC5u5UsMVcDSvktJ4vJgDIUDek8Hxti3FpLFUmgk-svgKGykL9a1mC...

43 B
421 B

213ms
196ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDhCEuBwqPMQjhwejGu3Gv8&google_cver=1&google_push=AXcoOmTUE6t6K1iNmS0usc5HDqTwX6V1QEnBLI8HUKjyaEC5u5UsMVcDSvktJ4vJgDIUDek8Hxti3FpLFUmgk-svgKGykL9a1mCN250&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTUE6t6K1iNmS0usc5HDqTwX6V1QEnBLI8HUKjyaEC5u5UsMVcDSvktJ4vJgDIUDek8Hxti3FpLFUmgk-svgKGykL9a1mCN250%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:32 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7feba065dcbd24f2-LHR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:32 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1075
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDhCEuBwqPMQjhwejGu3Gv8&google_cver=1&google_push=AXcoOmTUE6t6K1iNmS0usc5HDqTwX6V1QEnBLI8HUKjyaEC5u5UsMVcDSvktJ4vJgDIUDek8Hxti3FpLFUmgk-svgKGykL9a1mCN250&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTUE6t6K1iNmS0usc5HDqTwX6V1QEnBLI8HUKjyaEC5u5UsMVcDSvktJ4vJgDIUDek8Hxti3FpLFUmgk-svgKGykL9a1mCN250%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7feba0648ab524f2-LHR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8F78
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEE3DqpS2hFAC6E0Y5_cClbI&google_cver=1&google_push=AXcoOmQx072aY1lUvFLoHX01shKdpf50c5zMHxVY88RDMVBVEAfCnfCJKwsoo0Fkj6fGK8wfWH_a9XhY7SbfweFcd7zOycu3xPb8oeM
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EDDBDD7C7D4F48758C000416F8008199&google_push=AXcoOmQx072aY1lUvFLoHX01shKdpf50c5zMHxVY88RDMVBVEAfCnfCJKwsoo0Fkj6fGK8wfWH_a9XhY7SbfweF...

170 B
232 B

64ms
63ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EDDBDD7C7D4F48758C000416F8008199&google_push=AXcoOmQx072aY1lUvFLoHX01shKdpf50c5zMHxVY88RDMVBVEAfCnfCJKwsoo0Fkj6fGK8wfWH_a9XhY7SbfweFcd7zOycu3xPb8oeM

Requested by

Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 30 Aug 2023 08:22:32 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EDDBDD7C7D4F48758C000416F8008199&google_push=AXcoOmQx072aY1lUvFLoHX01shKdpf50c5zMHxVY88RDMVBVEAfCnfCJKwsoo0Fkj6fGK8wfWH_a9XhY7SbfweFcd7zOycu3xPb8oeM
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 29 Aug 2023 08:22:32 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 8F78 70 B
265 B 186ms
54ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPw8KiAiFKMERp0ozaltWY0&google_cver=1&google_push=AXcoOmS1w0c7MSQVAbGaSvbu_S129XNh05D0blTTRP1ZL2E3yU80HlQ9xadQvNvd6daxBfQ9DziuVDQejwN0SmBEk-twodHZ4b1BfRE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 30 Aug 2023 08:22:32 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8F78
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENW8Z-LKiomGm0zeozWCTYk&google_cver=1&google_push=AXcoOmQwAlutAmey8xateTmHbGe2lABHWcn1VVBOPR7u2egYZJE9anzYDv-9bXJYvACmq_zkh-oLNikLbCrrHeXmhNGRMPn...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQwAlutAmey8xateTmHbGe2lABHWcn1VVBOPR7u2egYZJE9anzYDv-9bXJYvACmq_zkh-oLNikLbCrrHeXmhNGRMPnwywmMuA&google_hm=eS1XMFJiUWJwRTJwR0Rx...

170 B
329 B

62ms
62ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQwAlutAmey8xateTmHbGe2lABHWcn1VVBOPR7u2egYZJE9anzYDv-9bXJYvACmq_zkh-oLNikLbCrrHeXmhNGRMPnwywmMuA&google_hm=eS1XMFJiUWJwRTJwR0RxU3hac0txc0RuTktUS2tDR09CdH5B

Requested by

Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 30 Aug 2023 08:22:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQwAlutAmey8xateTmHbGe2lABHWcn1VVBOPR7u2egYZJE9anzYDv-9bXJYvACmq_zkh-oLNikLbCrrHeXmhNGRMPnwywmMuA&google_hm=eS1XMFJiUWJwRTJwR0RxU3hac0txc0RuTktUS2tDR09CdH5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 8F78 43 B
363 B 215ms
65ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSI1VGub2jN4C5bQTu6w2O2oaSCSXsLF5YAu5QwH5hakoyEd-NjOYLCfKYXIadB_-RmYcdbwjdJmr1UUW7xM2X4-t8GjcmDov0&google_gid=CAESEGxak7POrFsBflb-iU5owLg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:32 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 283068
expires: Wed, 30 Aug 2023 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8F78 0
130 B 191ms
59ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGW4tV8KpubJSw00QhTEWIWadCRuf6sxC-1Izm_tjlX729Zbvc6dqDHJCip2Xxvfb7lGIe

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0FEC 143 B
166 B 55ms
52ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 3529
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 07:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B092 1 KB
643 B 55ms
52ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 76113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 11:13:59 GMT
etag: 48472445140208031
expires: Wed, 30 Aug 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BE95 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f74f3d921a3cb97425c3f820e15d3cecf0c3e318c0452a6d18d29b07ad86f46

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js Show response
pagead2.googlesyndication.com/bg/ Frame A2E8 37 KB
14 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js

Requested by

Host: www.pdfmagiconline.com
URL: https://www.pdfmagiconline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 217632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14795
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 19:55:20 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0FEC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

65ms
64ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 08:22:32 GMT
expires: Wed, 30 Aug 2023 08:22:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 08:22:32 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B092
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECgTJJ8mJluSGE4voyUPT-o&google_cver=1&google_push=AXcoOmSMCni4yuWbGUUue2G1HIfoUHF5kCK9CdSmBO8thcfs0Ga3Heiw_L...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSMCni4yuWbGUUue2G1HIfoUHF5kCK9CdSmBO8thcfs0Ga3Heiw_L8vgs3mjCC8al3zuxtfxBmf49rnTeH-5HWAnYJHV_1-zQ&google_hm=eWWFarmPiI...

170 B
188 B

64ms
64ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSMCni4yuWbGUUue2G1HIfoUHF5kCK9CdSmBO8thcfs0Ga3Heiw_L8vgs3mjCC8al3zuxtfxBmf49rnTeH-5HWAnYJHV_1-zQ&google_hm=eWWFarmPiIWoDy23Id89xg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSMCni4yuWbGUUue2G1HIfoUHF5kCK9CdSmBO8thcfs0Ga3Heiw_L8vgs3mjCC8al3zuxtfxBmf49rnTeH-5HWAnYJHV_1-zQ&google_hm=eWWFarmPiIWoDy23Id89xg
pragma: no-cache
date: Wed, 30 Aug 2023 08:22:32 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame B092 0
103 B 50ms
47ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEB3ksyYb2wniN8XUlSprxEY&google_cver=1&google_push=AXcoOmRdLzech7iYIUHESHh4GBF-UPNeESSczrnb0IROVdcPgKPAmqIWUdLWVvZICWEHugGoEZ-qGFCvUTQjWQaZ4tW5E_PlAg8V8Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:32 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B092
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDlDvQs3I9_Rgk7H2GQflfk&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDlDvQs3I9_Rgk7H2GQflfk&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZlU5UTZZc0oxUUJndGE1&google_gid=CAESEDlDvQs3I9_Rgk7H2GQflfk&google_cver=1&google_push=AXcoOmRru-hsIvRyZbUXpUW6ZnzCmgvP4rrx2woPPlvdaRc...

170 B
188 B

65ms
65ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZlU5UTZZc0oxUUJndGE1&google_gid=CAESEDlDvQs3I9_Rgk7H2GQflfk&google_cver=1&google_push=AXcoOmRru-hsIvRyZbUXpUW6ZnzCmgvP4rrx2woPPlvdaRcPPpwzgpmpj8RbNnrpUl1a9PSO8g-Sl5AYy43VgEprJJ5GITQPpFDj

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 08:22:32 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0546ea729b64acd63@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZlU5UTZZc0oxUUJndGE1&google_gid=CAESEDlDvQs3I9_Rgk7H2GQflfk&google_cver=1&google_push=AXcoOmRru-hsIvRyZbUXpUW6ZnzCmgvP4rrx2woPPlvdaRcPPpwzgpmpj8RbNnrpUl1a9PSO8g-Sl5AYy43VgEprJJ5GITQPpFDj
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame B092 43 B
397 B 202ms
200ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEDhCEuBwqPMQjhwejGu3Gv8&google_cver=1&google_push=AXcoOmSgvfjNLAm1o0oqJwblN8ED058kP8XoERpAzjka0krgttBgaC_EHjwuGgR_FuXGlk5VR7aDMJA9UvzfPni_ErPZhrI1J_hM-A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSgvfjNLAm1o0oqJwblN8ED058kP8XoERpAzjka0krgttBgaC_EHjwuGgR_FuXGlk5VR7aDMJA9UvzfPni_ErPZhrI1J_hM-A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:32 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7feba0660d1124f2-LHR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B092
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENW8Z-LKiomGm0zeozWCTYk&google_cver=1&google_push=AXcoOmQ_SgGQAxJA5x2_VUjVWdejPtm3z4h3F9ncZKP4tNqJjFy6rqgyWQrV4NXD-Vm0EvoFJMskB8bjARZaWtZ22DKNXEY...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ_SgGQAxJA5x2_VUjVWdejPtm3z4h3F9ncZKP4tNqJjFy6rqgyWQrV4NXD-Vm0EvoFJMskB8bjARZaWtZ22DKNXEYBS_T7&google_hm=eS1XMFJiUWJwRTJwR0RxU3...

170 B
188 B

63ms
62ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ_SgGQAxJA5x2_VUjVWdejPtm3z4h3F9ncZKP4tNqJjFy6rqgyWQrV4NXD-Vm0EvoFJMskB8bjARZaWtZ22DKNXEYBS_T7&google_hm=eS1XMFJiUWJwRTJwR0RxU3hac0txc0RuTktUS2tDR09CdH5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 30 Aug 2023 08:22:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ_SgGQAxJA5x2_VUjVWdejPtm3z4h3F9ncZKP4tNqJjFy6rqgyWQrV4NXD-Vm0EvoFJMskB8bjARZaWtZ22DKNXEYBS_T7&google_hm=eS1XMFJiUWJwRTJwR0RxU3hac0txc0RuTktUS2tDR09CdH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B092
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFX9O_DZIbJUO1-_m512Nqo&google_cver=1&google_push=AXcoOmQlxEZEp6RxcQSvZL7zZGo2IUuGsRdRBtz_k4PhbxfpW6Lgay2-cbcmf_n-SDzGDGOrPew4Bt0V...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFX9O_DZIbJUO1-_m512Nqo&google_cver=1&google_push=AXcoOmQlxEZEp6RxcQSvZL7zZGo2IUuGsRdRBtz_k4PhbxfpW6Lgay2-cbcmf_n-SDzGDGOrPew...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA2NDM4NDU1MjE0ODYyMjYwNQ&google_push=AXcoOmQlxEZEp6RxcQSvZL7zZGo2IUuGsRdRBtz_k4PhbxfpW6Lgay2-cbcmf_n-SDzGDGOrPew4Bt...

170 B
188 B

64ms
64ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA2NDM4NDU1MjE0ODYyMjYwNQ&google_push=AXcoOmQlxEZEp6RxcQSvZL7zZGo2IUuGsRdRBtz_k4PhbxfpW6Lgay2-cbcmf_n-SDzGDGOrPew4Bt0VlpOyHcnY1IKakg4uZRe_

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA2NDM4NDU1MjE0ODYyMjYwNQ&google_push=AXcoOmQlxEZEp6RxcQSvZL7zZGo2IUuGsRdRBtz_k4PhbxfpW6Lgay2-cbcmf_n-SDzGDGOrPew4Bt0VlpOyHcnY1IKakg4uZRe_
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B092
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECv4i7EqamF2Qp6pQYIw5Q4&google_cver=1&google_push=AXcoOmQ3yD1TaXg1kGnTy07K-J9WGgnVxQvXDEwsiyoWZC4uiJtrtNr9IJZI4G1pa5FgkXoYMQ_V-yEBkLYS...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ3yD1TaXg1kGnTy07K-J9WGgnVxQvXDEwsiyoWZC4uiJtrtNr9IJZI4G1pa5FgkXoYMQ_V-yEBkLYSe5wy1DAi7_Hi8TdP

170 B
188 B

64ms
63ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ3yD1TaXg1kGnTy07K-J9WGgnVxQvXDEwsiyoWZC4uiJtrtNr9IJZI4G1pa5FgkXoYMQ_V-yEBkLYSe5wy1DAi7_Hi8TdP

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ3yD1TaXg1kGnTy07K-J9WGgnVxQvXDEwsiyoWZC4uiJtrtNr9IJZI4G1pa5FgkXoYMQ_V-yEBkLYSe5wy1DAi7_Hi8TdP
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B092 0
40 B 62ms
61ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KihQHYT5YzDZWMPRGM99OiK3ix0U4DhBtxLT7WfYpEylHnlOawGcczVdW_dJ0OTEOF6FyH

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BE95
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CS3EfRvzuZNmhKLKqtOUP46mb-ASsge3Xcui3lsK-EQoQASCu1Z6UAWC7vpaD0AqgAZT2rKwoyAEBqAMByAPLBKoE2wFP0MInURzbRSOXV4bdW-wSafkkB8-9HjNXCgzJYPJk9Q2ALcTQGY5...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210274969082815810757%22,%22debug_reporting%22:true,%22destination%22:%22https://geekom.co.uk%22,%22event_report_window%22:...

0
0

218ms
87ms

Fetch
text/css

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210274969082815810757%22,%22debug_reporting%22:true,%22destination%22:%22https://geekom.co.uk%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210830428948%22],%224%22:[%2208-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214078550085744991649%22}&andc=true

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:33 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10274969082815810757","debug_reporting":true,"destination":"https://geekom.co.uk","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10830428948"],"4":["08-30"],"6":["true"]},"priority":"500","source_event_id":"14078550085744991649"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Aug 2023 08:22:33 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 30 Aug 2023 08:22:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10274969082815810757","debug_reporting":true,"destination":"https://geekom.co.uk","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10830428948"],"4":["08-30"],"6":["true"]},"priority":"500","source_event_id":"14078550085744991649"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 108ms
108ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230828&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

368c8de82ff7ee7bd2411d0e479381ddd1b9724fff423982d64fa1dd58ee073b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11723
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=815ED0EA00944987B753997575816E82&RedC=c.clarity.ms&MXFR=32AB05ACE08064133AC216D1E4806A6B
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=815ED0EA00944987B753997575816E82&MUID=1BBDED7656C66A0B085FFE0B576A6BF4

42 B
444 B

70ms
69ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=815ED0EA00944987B753997575816E82&MUID=1BBDED7656C66A0B085FFE0B576A6BF4
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:32 GMT
last-modified: Tue, 06 Jun 2023 17:31:23 GMT
server: Microsoft-IIS/10.0
etag: "dca6ffb69c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CE4E1B04ED53496CBEB5D5F32D3BF584 Ref B: FRA31EDGE0114 Ref C: 2023-08-30T08:22:33Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=815ED0EA00944987B753997575816E82&MUID=1BBDED7656C66A0B085FFE0B576A6BF4
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js Show response
pagead2.googlesyndication.com/bg/ Frame 132C 37 KB
14 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 217632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14795
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 19:55:20 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 299ms
87ms Preflight
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 30 Aug 2023 08:22:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 128ms
125ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 08:22:32 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A68 13 KB
5 KB 63ms
60ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pdfmagiconline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 3833
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 07:18:40 GMT
expires: Thu, 29 Aug 2024 07:18:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 740D 829 B
561 B 63ms
62ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d94946c43e7aed7bac594c276080916ff470500933374396419772aa9de3bdc4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-i6UVkGJw5CkZS_TJSjCJ6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pdfmagiconline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 539
content-security-policy: script-src 'report-sample' 'nonce-i6UVkGJw5CkZS_TJSjCJ6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 08:22:33 GMT
expires: Wed, 30 Aug 2023 08:22:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 740D 0
0 151ms
151ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230828&jk=1058618412334179&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A68 37 KB
14 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 217633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14795
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 19:55:20 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5A68 0
10 B 55ms
55ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?d0R4Og
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:22:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BE95 42 B
64 B 172ms
171ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSr3DYipuyeWwZv402U-1vdzAVpdce09mBJXzIwJV640m7kZ14LrRCrbMx7LbGrlzSx3BJmLlCUEWwFkJ3sGBZ1plNBT5fJ-leNnZwfRJPz0DIPBtS-9Hng7iw4TyS5YGaLiqr98dGh_3gT3mOaBtv9g3FtiHxS0J2fvoadpY&sai=AMfl-YRBbgnzTCBDphxzCGfR6TUaKlcI_TBkTmOIRd5EGkC_ldHF4oMJMsQkJ_zmnd3TkIyPsaeSEHhN80-oa0dq3BBq7iASN_Pg40w&sig=Cg0ArKJSzDllgAclHIO4EAE&cid=CAQSKQBpAlJWfEB8sQv5uN_5uJfVaR4CznUbp4bPfcOLUnxTqOjLU7I_Y7-lGAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=430,1000,1000,1000,1000&tos=430,570,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693383752054&rpt=714&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 08:22:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 157ms
156ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230828&jk=1058618412334179&bg=!kZKlkt3NAAYkVgHwBFY7ADQBe5WfOBB1Y25w2YhxnTTjkp2t5gyL0-IbdxWBVNXW2sjXgqCSK_eC9Z_SHvDsD3y1kHPTAgAAAJBSAAAACWgBB5kCt-yOCe344s0VFgXkVX1BBte-5Pu3Ql6v0DV823j7Gr4sKWdhWqJGBau3BMKl22HwEXJryVtebIdLlKWl3AxNLpKQTWgiCw-p7UGs94E4NEFt3UTw48SKPfs-_NTC5z3gttffbVzO29iWTEGm2tkjWB193SBIgwHfEg3gj4zzQymO-npUNlq53gUvTBQ8-Iq7xJg1u5AEQWM73MAcT6b45oR8aTEIlg1VozTosvNpkp6dSeBS1T0waODoPoiTIVZEW8REJBQAMkWbHcw_Qq2aMUmMpABiu0le-w6lfNa-FfANxoHnc4CCBx72J3WCaXc4BIpMCDPJ8SB8Evk9Ge9-0QjrIwb66YQAfcdht-Obx9vQAc4yF2qPF9kwSYTE4vsNoq1CNzufqdmge8xuMHyy1ZMkPAFRMFA7rhE1gouoPGXnn4JHpT8d1mbNezG-LMlPFko8aHLDPZ8Jx9LQfYC5ZpsAi92BfcYBrjANKOjI1DFRdcQJaPdsHHfNcr7OW7ISLP2st_8QIBgiyIYSXmhpr-mLJiuFhkgQa2N0d42YsXgP0VjbxgywtiyFvBGs-j7SIRiqXXo9exMEbwXGVfpto7MC0P1ou4wQvGBxgz0StYY9Uy-_0Bkllaj0br7DhHM-0AdLtN_IEjX5W2Stv4_YIgNUbU8GQTma5VZpox0vHdqdv7B1dLaae8r6gJeq7rF88nSoGKdUWwKoRbu89Ca4iqXjOyEpgAQwVK-Lf69ZP1lM83JjARWIWVX6zkVUwmvvRWia5lmmVMYVoZWZecJVwEyir4VifvnVzqGfnNEO36JLdrPOgA41n1Mvq6ZpXYlv7p6KLGczFS4k4cCT6kU0p31jrDkwj4scA7XvNw9F4mXf3NWRKWH4SUF27knr8k4WE_esvhdIzid7_PX6hgXHf9n9CxkFWD9h
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pdfmagiconline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
302 B 131ms
130ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.pdfmagiconline.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.pdfmagiconline.com
Date: Wed, 30 Aug 2023 08:22:34 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pdfmagiconline.com/	1970-01-20 16:32:39	Name: _gcl_au Value: 1.1.1717269685.1693383750
.pdfmagiconline.com/	1970-01-20 23:59:03	Name: _ga_QPHPMBL24P Value: GS1.1.1693383750.1.0.1693383750.0.0.0
.pdfmagiconline.com/	1970-01-20 23:59:03	Name: _ga Value: GA1.1.688159843.1693383750
www.clarity.ms/	1970-01-20 23:08:39	Name: CLID Value: 9b5c71eff9e8443e91a8657a98a3f3e3.20230830.20240829
.pdfmagiconline.com/	1970-01-20 23:44:39	Name: __gads Value: ID=2b48435c670d3c44-2253bb6560de00a9:T=1693383750:RT=1693383750:S=ALNI_MYwEcTGm36VF1xR5RsgyDElKGmfcw
.pdfmagiconline.com/	1970-01-20 23:44:39	Name: __gpi Value: UID=00000c6b724c0995:T=1693383750:RT=1693383750:S=ALNI_MZvdg9_4-rg4Yr8vqjRbYJtIJUDIg
.pdfmagiconline.com/	1970-01-20 23:08:39	Name: _clck Value: 6coeb7\|2\|fel\|0\|1337
.pdfmagiconline.com/	1970-01-20 14:24:30	Name: _clsk Value: 1xttds9\|1693383751283\|1\|1\|y.clarity.ms/collect
.doubleclick.net/	1970-01-20 23:44:39	Name: IDE Value: AHWqTUns8nHD3njtTiczIY3U64ipDWci_IbwDl9-mPQQHZcOS917SypNZprWdk77BsI
.simpli.fi/	1970-01-20 23:10:06	Name: suid Value: EDDBDD7C7D4F48758C000416F8008199
.yahoo.com/	1970-01-20 23:09:01	Name: A3 Value: d=AQABBEj87mQCEJrR9IOJdjNuHaJ3K4s9dpwFEgEBAQFN8GT4ZAAAAAAA_eMAAA&S=AQAAAtPvJGumxFKXPzelqnOPLLw
.quantserve.com/	1970-01-20 16:32:39	Name: d Value: EFsBCQHqKYEA
.quantserve.com/	1970-01-20 23:53:18	Name: mc Value: 64eefc48-6a4e2-2b972-44719
.doubleclick.net/	1970-01-20 14:23:07	Name: DSID Value: NO_DATA
.adform.net/	1970-01-20 15:07:42	Name: C Value: 1
.tribalfusion.com/	1970-01-20 16:32:39	Name: ANON_ID Value: aJntuJp26Ua8e4OCaQoUwukKQmFGUnZcZdBTJUAUYL7pnqvCHt8BNTXv4LZbcdgbWKllvFvvdQDEEYa01vGx7f8uR26
.w55c.net/	1970-01-20 23:54:44	Name: wfivefivec Value: fU9Q6YsJ1QBgta5
.adform.net/	1970-01-20 15:49:27	Name: uid Value: 8064384552148622605
.w55c.net/	1970-01-20 15:06:15	Name: matchgoogle Value: 5
.bing.com/	1970-01-20 23:44:39	Name: MUID Value: 1BBDED7656C66A0B085FFE0B576A6BF4
.c.bing.com/	1970-01-20 14:33:08	Name: MR Value: 0
.c.bing.com/	1970-01-20 23:44:39	Name: SRM_B Value: 1BBDED7656C66A0B085FFE0B576A6BF4
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 23:44:39	Name: MUID Value: 1BBDED7656C66A0B085FFE0B576A6BF4
.c.clarity.ms/	1970-01-20 14:33:08	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 14:23:04	Name: ANONCHK Value: 0
.googleadservices.com/	1970-01-20 16:32:39	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12154094.fls.doubleclick.net
a.tribalfusion.com
adservice.google.com
c.bing.com
c.clarity.ms
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.google-analytics.com
s.tribalfusion.com
tpc.googlesyndication.com
um.simpli.fi
www.clarity.ms
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.pdfmagiconline.com
y.clarity.ms
104.211.35.148
142.250.184.194
142.250.184.198
142.250.185.98
178.250.7.11
2001:4860:4802:32::36
2606:4700::6812:18ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:48:1::45
2620:1ec:c11::200
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:830::200a
2a02:fa8:8806:12::1370
2a05:d018:d29:3601:78ec:3e9e:b03:b2b6
34.91.62.186
37.157.6.232
45.79.152.80
51.89.9.252
52.223.40.198
52.28.44.182
68.219.88.97
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
13a082799552d0fbf3b86a81319b5ae5e09cc0d069218f31cc706b9f4d4e9bfe
162923bda88e2e0138d0a27d83489a6325d6c6e0007b214bef513839303260c2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a904bcf59f6ef11185075a0a6661e63396b7531d1ed3e01bbd6f0a056a0e318
1b0692ce1abedc22252b6d2aa5b055789850b18039c5bbc5ad7ab2003f77b893
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f74f3d921a3cb97425c3f820e15d3cecf0c3e318c0452a6d18d29b07ad86f46
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328cb29271341963f1503c02d0d00d7d67f60396961e4fdac73b74ebbe16d803
368c8de82ff7ee7bd2411d0e479381ddd1b9724fff423982d64fa1dd58ee073b
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc
4196110c6a5fd6417e81bd77fb11f2ececf40d01233c0af0455bc4714542fa09
4456151a0f614d456dd29c995fa1c8a528754fbab94faf229cb320663a68e929
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
45c78a598de661192bdaba2fcff24d8ecf75aa3fb6c72954dc673ca63ee585e9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
5161dad6da948d9bc1a98b045204d6ff89c797303c755827774db950c8beb07e
536a0be786c234c162ce70056975670440f2bdaa8649f92712e84654b74d9fb1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6684feb3c940a480fd3050407446078cd0858f06868287a48f0616f8a5649c1b
6c31e917a7821ea96dd3b281a081bb44a246741abb45655eed6ccd53e564d230
71ee3caeb6511384601336b6d3b346fbc2ed7fd4ac539b80ae2cea4a646d8ba7
782587bc7c1ac5b6dd3419460c7c879513de567e9fcb6fd75f2a8986d23a057f
7e7ff84655df1d4f7c2338e4ed712f26df17806ad5b3a3ff62c0637fb04b2c21
8c68017261fd755792e040870b16d8dfb80b2b82f4cd8514e507901e3a7b0e4b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94a5e5af53bdc295634bea1d47fb682eb846142aaf1bc68e7c363ca24c461f4b
9639c605628c48546859244994ac173b9f296054bfcfa52cb5f41fa0cf54d4ea
97eeba5d62569a131234a1828195f0fe59bb40a4f264aefcd89433b46a710416
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2e620bed228eb2a391b2dad68c2f0add5e118a11da8a0b0f151d4a46c32a8fd
a36b324fd28b8bd7d7afc914e78dafbc13b54d666872423b4220b23b471af5a8
a75d8592e87e98d2f925cd77c1bc3229cd4bb9bfa26623df84eea663dde29782
a9013a737d5a92af5fa83b598cbd897ca98275812fea86e8434bd96daa2c0eb3
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d52ed4a45590433affb0ec4f009320cba97774063146f86816b424ca7f709933
d94946c43e7aed7bac594c276080916ff470500933374396419772aa9de3bdc4
de6e0efa7821954c8cfdf9f793b68b73b6004a49b3b37b00b4891bbb9b12f977
e048295f3e7b9e93551afaaf228070b944a099ab0d2afb4ed71fecae50ceffbc
e3a07a4d0dde9642aa06e39797ff36c1817256ff0377ea990c7b71e10e1f4d49
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eab4f8bdbf622a34fedec99e2374ee1424f26dd8ae677627b648a0fcfe457941
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10f117353bad780ddb988cafcfd7282304369d1a9d11adde07a9ab8783796cc
f715d4f7b6d475a6672544dc179172444da731d89be3716beeff960948377bdf
fc9270b7e1ade019077ba995ddd516f1575fe0d770f273c907748db023f3fdde
ffcfac539e9acab2466a11bd9a671468d12085b6af69c786c9b91da8ef7a2a4d

www.pdfmagiconline.com Open in urlscan Pro 45.79.152.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

90 %HTTPS

59 %IPv6

23 Domains

32 Subdomains

24 IPs

8 Countries

3746 kBTransfer

5321 kBSize

27 Cookies

0 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pdfmagiconline.com Open in urlscan Pro
45.79.152.80 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

90 %
HTTPS

59 %
IPv6

23
Domains

32
Subdomains

24
IPs

8
Countries

3746 kB
Transfer

5321 kB
Size

27
Cookies

104 HTTP transactions
1 data transactions