Submitted URL: http://maipdf.com/
Effective URL: https://maipdf.com/
Submission: On May 26 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3030::6815:aa7, located in United States and belongs to CLOUDFLARENET, US. The main domain is maipdf.com.
TLS certificate: Issued by GTS CA 1P5 on May 3rd 2024. Valid for: 3 months.
This is the only time maipdf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 2606:4700:303... 13335 (CLOUDFLAR...)
1 2409:8c20:8ab... 56046 (CMNET-JIA...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2404:2280:1cc... 24429 (TAOBAO Zh...)
1 116.162.204.154 4837 (CHINA169-...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
18 9
Apex Domain
Subdomains
Transfer
6 maipdf.com
maipdf.com
11 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646
120 KB
3 bytecdntp.com
lf6-cdn-tos.bytecdntp.com — Cisco Umbrella Rank: 244027
lf3-cdn-tos.bytecdntp.com — Cisco Umbrella Rank: 200591
lf26-cdn-tos.bytecdntp.com — Cisco Umbrella Rank: 237535
129 KB
2 gstatic.com
fonts.gstatic.com
173 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
194 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 44
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
6 KB
18 7
Domain Requested by
6 maipdf.com 1 redirects maipdf.com
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 fonts.gstatic.com maipdf.com
2 pagead2.googlesyndication.com maipdf.com
pagead2.googlesyndication.com
1 lh3.googleusercontent.com maipdf.com
1 fonts.googleapis.com
1 lf26-cdn-tos.bytecdntp.com maipdf.com
1 lf3-cdn-tos.bytecdntp.com maipdf.com
1 lf6-cdn-tos.bytecdntp.com maipdf.com
18 9

This site contains links to these domains. Also see Links.

Domain
iplogger.icu
privnote.chat
privnote.maipdf.com
paypal.me
grabify.icu
pdfhost.online
Subject Issuer Validity Valid
maipdf.com
GTS CA 1P5
2024-05-03 -
2024-08-01
3 months crt.sh
*.bytecdntp.com
RapidSSL TLS RSA CA G1
2023-06-30 -
2024-06-28
a year crt.sh
*.g.doubleclick.net
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
upload.video.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.googleusercontent.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.gstatic.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh

This page contains 2 frames:

Primary Page: https://maipdf.com/
Frame ID: EFC25D402507B7F14F096DBEDAB24391
Requests: 16 HTTP requests in this frame

Frame: https://maipdf.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Frame ID: 7D8EA1983810790A5B713326EF52E17B
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

MaiPDF

Page URL History Show full URLs

  1. http://maipdf.com/ HTTP 307
    https://maipdf.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

18
Requests

94 %
HTTPS

89 %
IPv6

7
Domains

9
Subdomains

9
IPs

4
Countries

634 kB
Transfer

1740 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://maipdf.com/ HTTP 307
    https://maipdf.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://maipdf.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://maipdf.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
maipdf.com/
Redirect Chain
  • http://maipdf.com/
  • https://maipdf.com/
10 KB
4 KB
Document
General
Full URL
https://maipdf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1261fd4346979a9d0060d298656788874990245619f221287dd9e50d42f3fd1e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
889ea6807ee21c13-FRA
content-encoding
br
content-type
text/html
date
Sun, 26 May 2024 15:03:10 GMT
last-modified
Mon, 11 Mar 2024 07:18:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GDLgO%2FdUYi4eti0LbPys9vSW1GiItc1elHEiY39UvTMCpakuECOu2LIHkOCLRANNBb2vJWZxUQOOlBTH4ncbSIkjnRzGxr2YS%2B%2B8%2ForkLrjNBZRbd0VnZlw84AiTzoygUpz0KensknPT"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://maipdf.com/
Non-Authoritative-Reason
HttpsUpgrades
bootstrap.min.js
lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap/5.1.3/js/
58 KB
17 KB
Script
General
Full URL
https://lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap/5.1.3/js/bootstrap.min.js
Requested by
Host: maipdf.com
URL: https://maipdf.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2409:8c20:8ab1:23:1::f4 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://maipdf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:26:08 GMT
content-encoding
gzip
x-tt-trace-tag
id=06;cdn-cache=hit;type=static
age
949030
x-link-via
yanccm33:443;tzmp24:443;
x-cache-status
HIT from KS-CLOUD-TZ-MP-24-14, HIT from KS-CLOUD-YANC-CM-33-20
server-timing
inner; dur=8
content-length
16345
last-modified
Sun, 24 Apr 2022 16:32:43 GMT
server
nginx
x-tt-logid
202305241924189C19D6B5798D91C6C904
etag
W/"62657bab-e753"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-tt-trace-host
01cc1dbc99865cba72bd9fdbdd884bc0ae646b49b1a1ae1e7199b705468e9a05cad4f270ed4bcaf6720589002618601b42d0d7aab1f38bc374aea06b695da399bf4733e089323b9301ab7ca804a055f0360b261c9527a58862d260f68668d04c96
x-response-cinfo
2001:1b60:1010:2:1011:f22:f21b:2931
accept-ranges
bytes
x-response-cache
edge_hit
timing-allow-origin
*
x-cdn-request-id
71d3050bf2c12e1a52241954b75e4b8a
expires
Fri, 14 Jun 2024 15:26:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
149 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9224406325142860
Requested by
Host: maipdf.com
URL: https://maipdf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffba1642f0db1a771cadab598213a5fe8852f917953b401a249feb53073e7f83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://maipdf.com/
Origin
https://maipdf.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 15:03:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51529
x-xss-protection
0
server
cafe
etag
15350486221692017847
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 26 May 2024 15:03:10 GMT
bootstrap.min.css
lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap/5.1.3/css/
160 KB
24 KB
Stylesheet
General
Full URL
https://lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap/5.1.3/css/bootstrap.min.css
Requested by
Host: maipdf.com
URL: https://maipdf.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::10 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://maipdf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 04:53:21 GMT
content-encoding
gzip
via
cache6.l2de2[398,398,200-0,M], cache11.l2de2[399,0], ens-cache11.de5[0,0,200-0,H], ens-cache16.de5[1,0]
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
x-tt-trace-id
00-2405261253218644D9E01E8A313EC8ED-18BEE43476DDAFD2-00
age
36589
x-swift-cachetime
2592000
x-cache
HIT TCP_HIT dirn:13:773282164
server-timing
inner; dur=12
x-swift-savetime
Sun, 26 May 2024 04:53:21 GMT
content-length
23944
last-modified
Sun, 24 Apr 2022 16:32:44 GMT
server
Tengine
x-tt-logid
202405261253218644D9E01E8A313EC8ED
etag
W/"62657bac-28021"
vary
Accept-Encoding
ali-swift-global-savetime
1716699201
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
x-tt-trace-host
019c11ab9888c19b313fd6e56dd64e76a63f5236df31a752fb35ed37f2bcfda767266bb04057ff7177b1f4fe3dbce9521fa65b996d98c5a1d549c061cab95484a544d636751f99e3b1435ce3b1da8c52b5
x-response-cinfo
2001:1b60:1010:2:1011:f22:f21b:2931
x-response-cache
edge_hit
timing-allow-origin
*, *
eagleid
a3b55ca417167357904637420e
expires
Tue, 25 Jun 2024 04:51:02 GMT
all.min.css
lf26-cdn-tos.bytecdntp.com/cdn/expire-1-M/font-awesome/6.0.0/css/
87 KB
88 KB
Stylesheet
General
Full URL
https://lf26-cdn-tos.bytecdntp.com/cdn/expire-1-M/font-awesome/6.0.0/css/all.min.css
Requested by
Host: maipdf.com
URL: https://maipdf.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.162.204.154 Changsha, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
8d321d88cb97fdedc3189506c25de9292c6e73a60ebaab496243346c6404480e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://maipdf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 26 May 2024 15:03:13 GMT
via
CHN-HNchangsha-CUCC11-CACHE9[19],CHN-HNchangsha-CUCC11-CACHE1[0,TCP_HIT,6],CHN-HNchangsha-GLOBAL1-CACHE110[9],CHN-HNchangsha-GLOBAL1-CACHE42[0,TCP_HIT,3],CHN-HEshijiazhuang-GLOBAL1-CACHE85[37],CHN-HEshijiazhuang-GLOBAL1-CACHE42[0,TCP_HIT,35]
x-ccdn-cachettl
2592000
x-tt-trace-tag
id=26;cdn-cache=hit;type=static
x-tt-trace-id
00-240409205823FE337A7CC5FFD307EAE7-1FD27DE8266AC651-00
age
1039601
server-timing
inner; dur=24
content-length
89220
last-modified
Sun, 24 Apr 2022 17:08:41 GMT
server
openresty
x-tt-logid
20240409205823FE337A7CC5FFD307EAE7
etag
"62658419-15c84"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-expires
1552399
x-tt-trace-host
0134af9aacc3e156eedf706f08c2db0cff1db70ffb19ef90a29cb32b6a6cc64aaa26f9ed415f5aac93d7de1b4aeff6bfb2aafdba97eca0f0bd3e3c27a5842ac734690133fa76dd2531e0da9c206ebd18b5223122a2872b012fd12bb4f44bc0b6793dfce2c1492b59601ed998427e3f1ba0
x-response-cinfo
84.19.175.183
accept-ranges
bytes
timing-allow-origin
*
x-response-cache
edge_hit
x-hcs-proxy-type
1
expires
Thu, 09 May 2024 13:00:31 GMT
email-decode.min.js
maipdf.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://maipdf.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: maipdf.com
URL: https://maipdf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://maipdf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 15:03:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 22 May 2024 09:02:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"664db4b7-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EABP5sH8O3onoZkVp9XViFvml5rLNoa2LPDBPbaZVwaNv7Fo%2BIx8Dfr69o2DRsBVtuOHGjTGNZzhlLIU%2BZsVsWsNRXjd0EDyRpIy80AOU%2FSmgsQob8a18%2FZMO7xVL%2FgYEuTLaksS7sGW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
889ea680ff851c13-FRA
expires
Tue, 28 May 2024 15:03:10 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405220101/
424 KB
143 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9224406325142860&plah=maipdf.com&aplac=true&bust=31083976
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9224406325142860
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50d186db4ea12f91041424d57ea9d75c388d38a9f74533d246e0fb814ad74a6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://maipdf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 15:03:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146641
x-xss-protection
0
server
cafe
etag
10340157349638317781
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 26 May 2024 15:03:18 GMT
main.js
maipdf.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/ Frame 7D8E
Redirect Chain
  • https://maipdf.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://maipdf.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
8 KB
4 KB
Script
General
Full URL
https://maipdf.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Requested by
Host: maipdf.com
URL: https://maipdf.com/
Protocol
H3
Server
2606:4700:3030::6815:aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
affee1e9783e4fd864d089dd460cdad37d0cd45a393efde1dfea3af2db7a27bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sun, 26 May 2024 15:03:18 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LHM%2FfoxfkuUTGRZONS56j5Cp87K%2FrkeYyXfk1tLYUqj8srufP0Fvx0ukMmHMCmi38NBHqKd9%2Bv4tIg4ryDyCTpUVrRVcILooqkwz6B0h%2BGSDWjrhTWl4buGrY%2BmC152Aj3uTzbwpXiDs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
889ea6b459c79a2f-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 26 May 2024 15:03:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FcTsWB998qDDPDC0c%2Bq6rDqpQWROPP7PjfqffVDoUMlLHA%2Bnx04CjsoHIq0gDGyD7KzPayNt8QUee3WcDmNEXfoquSAvyyFqgZrsqkqK9QRNRkxbifd3IH01mN%2BeydTsqVxPblNaBqC%2F"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
889ea6b3a8b79a2f-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
889ea6807ee21c13
maipdf.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 7D8E
0
594 B
XHR
General
Full URL
https://maipdf.com/cdn-cgi/challenge-platform/h/b/jsd/r/889ea6807ee21c13
Requested by
Host: maipdf.com
URL: https://maipdf.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 26 May 2024 15:03:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yIA5iUgeK4emRY6kU%2BLd4bQu2P4133uu1kxnmVZxeoBNhawnltBcRPFfhiO6BDDvNArvWD%2B4HWisN%2BI47dKsJ7rKt7zKv7GAmMuXLQyihr9LYT%2FI4p4P9Do1YGIR1wR0CvKfwdU7Pzla"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
889ea6b5dbb39a2f-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
ca-pub-9224406325142860
fundingchoicesmessages.google.com/i/
182 KB
61 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-9224406325142860?href=https%3A%2F%2Fmaipdf.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9224406325142860&plah=maipdf.com&aplac=true&bust=31083976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
688c16db9974d29c0c6d180b789b0b05a45b3c307c5c679cad408d667bcaac78
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ldiY_keffvRhXusGSfwEGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://maipdf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 15:03:19 GMT
content-security-policy
script-src 'report-sample' 'nonce-ldiY_keffvRhXusGSfwEGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmLw05BiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQt3--wDoTiIV4OLbPO7uJTWDH6jkrGZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDEyNjPUMzOILDADVWzad"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXnDLDZoD_H9DfbH-2c6IEF8bthQMa1WeCNpphSgnqfKwD-mjohQ8QTo57C9ei5e_xUX2aVrAHIm0zLqml7cAROd5V3ZdPMs3YNnkFEjQZDrY6Odll56BgmDIE6DKrT8Bu_SJwgCA==
fundingchoicesmessages.google.com/f/
370 KB
59 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXnDLDZoD_H9DfbH-2c6IEF8bthQMa1WeCNpphSgnqfKwD-mjohQ8QTo57C9ei5e_xUX2aVrAHIm0zLqml7cAROd5V3ZdPMs3YNnkFEjQZDrY6Odll56BgmDIE6DKrT8Bu_SJwgCA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE2NzM1Nzk5LDQ0NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9tYWlwZGYuY29tLyIsbnVsbCxbWzgsIlljVVc3RnFoUThrIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YcUW7FqhQ8k.es5.O/am=AgM/d=1/rs=AJlcJMyBMiD7kwPWWUT1cnOJEyBUMTFZww/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ee92839c9b2fc3d65eb9d3c3d4c49bdef56158464e9195fb0e2d3578e50afdd4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7CyjF_XFmw0hKP2O2Dok6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://maipdf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 15:03:19 GMT
content-security-policy
script-src 'report-sample' 'nonce-7CyjF_XFmw0hKP2O2Dok6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmLw0pBiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQt3--wDoTiIV4OLbPO7uJTWDGzaktTEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBqZGxnoGZvEFBgDOQzZ8"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
109 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YcUW7FqhQ8k.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMw3xjiMWmUVodLEbtvNHeRlRdU9gg/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b7dfb79b63e4202eaad4d930a87c85325776c5b800a672363283ad3dc73af1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://maipdf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 26 May 2024 15:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 26 May 2024 15:03:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 26 May 2024 15:03:20 GMT
qIksFmYigI0JVVBJcHte67lZrIjjapXHGYHRdndZbOxXhx1PozOcBwTFVebXAkf95ij7uTjXzPadOMPQXzNDGHhGmFZLHzUq29ZUe6AsVlE08r6r7qe6HA=h60
lh3.googleusercontent.com/
1 KB
1 KB
Image
General
Full URL
https://lh3.googleusercontent.com/qIksFmYigI0JVVBJcHte67lZrIjjapXHGYHRdndZbOxXhx1PozOcBwTFVebXAkf95ij7uTjXzPadOMPQXzNDGHhGmFZLHzUq29ZUe6AsVlE08r6r7qe6HA=h60
Requested by
Host: maipdf.com
URL: https://maipdf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e6af9d97298fef3e4d0a251d2d7f0f6c3f80779cfee79d34d6d9dc794ad2fdda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://maipdf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 12:06:48 GMT
x-content-type-options
nosniff
age
10591
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1065
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 27 May 2024 12:06:48 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: maipdf.com
URL: https://maipdf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://maipdf.com/
Origin
https://maipdf.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 00:50:53 GMT
x-content-type-options
nosniff
age
483146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 00:50:53 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: maipdf.com
URL: https://maipdf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://maipdf.com/
Origin
https://maipdf.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 10:44:53 GMT
x-content-type-options
nosniff
age
101906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 May 2025 10:44:53 GMT
AGSKWxUa1JeKmHB4Luqn5S5pt0tcaXncdlj6OTpmvk5eiUX1tvanOS_OOIcGSv-5HjHtWYorqg6xy1nWi3rq_VR9yfQCRKkaVDPEvgUud0Qx3l04V-Cfsq2N6-CyHIDXWzjRRCP_wyxh5w==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUa1JeKmHB4Luqn5S5pt0tcaXncdlj6OTpmvk5eiUX1tvanOS_OOIcGSv-5HjHtWYorqg6xy1nWi3rq_VR9yfQCRKkaVDPEvgUud0Qx3l04V-Cfsq2N6-CyHIDXWzjRRCP_wyxh5w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YcUW7FqhQ8k.es5.O/am=AgM/d=1/rs=AJlcJMyBMiD7kwPWWUT1cnOJEyBUMTFZww/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uFi1OuuRJIE5PwvCctiuiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://maipdf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 26 May 2024 15:03:19 GMT
content-security-policy
script-src 'report-sample' 'nonce-uFi1OuuRJIE5PwvCctiuiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw1ZBicEqfwRoCxEI8HNvnnd3EJjDjXNcPJiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqZKxnYB5fYAAAwT4irw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://maipdf.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUa1JeKmHB4Luqn5S5pt0tcaXncdlj6OTpmvk5eiUX1tvanOS_OOIcGSv-5HjHtWYorqg6xy1nWi3rq_VR9yfQCRKkaVDPEvgUud0Qx3l04V-Cfsq2N6-CyHIDXWzjRRCP_wyxh5w==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUa1JeKmHB4Luqn5S5pt0tcaXncdlj6OTpmvk5eiUX1tvanOS_OOIcGSv-5HjHtWYorqg6xy1nWi3rq_VR9yfQCRKkaVDPEvgUud0Qx3l04V-Cfsq2N6-CyHIDXWzjRRCP_wyxh5w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YcUW7FqhQ8k.es5.O/am=AgM/d=1/rs=AJlcJMyBMiD7kwPWWUT1cnOJEyBUMTFZww/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qyhPv4j9izelRRYy9gAdlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://maipdf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 26 May 2024 15:03:19 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qyhPv4j9izelRRYy9gAdlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0ZBicEqfwRoCxEI8HNvnnd3EJrCg6fpPJiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqZKxnYB5fYAAAw3siuA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://maipdf.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
favicon.ico
maipdf.com/
8 KB
2 KB
Other
General
Full URL
https://maipdf.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83159cb6ab2cd339ce3642c4f280475febe30aa21eea00d3cc355e8e7d5a18ea

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://maipdf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 15:03:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2019 09:41:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1760
etag
W/"5c94adbc-1fd3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2BLATkqc081N8QA0fNhsAgPTWL6DVrV5rvHGSvCS0c77FVuzBpHKooPnMkV7k46IHn1lim%2FRZQiQGVtXDs9Fxc8oUsztaVHXehJV8oHaJ3ZcDFoNM9flRr2YaI5ep06hg6KeGmNOA%2BGb"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=31536000
cf-ray
889ea6c109769a2f-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 number| uidEvent object| bootstrap object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| OTQ0OTZhYzcwMzQxYWVkOGxvYWRlcl9qcw== string| OTQ0OTZhYzcwMzQxYWVkOGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady

1 Cookies

Domain/Path Name / Value
.maipdf.com/ Name: cf_clearance
Value: o2tCi0XdK4R2j9Y4p3Hf4w5307bhTrmjI25AviFGftg-1716735798-1.0.1.1-ODxASBwxnO2SxwEpE1xY__CYpaGJUe3I8sIAEY7oIVPZ_lCfqeXAvGn5gEkFFXa0jKkIya3H1l4Qs8Z8I7SuUA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
lf26-cdn-tos.bytecdntp.com
lf3-cdn-tos.bytecdntp.com
lf6-cdn-tos.bytecdntp.com
lh3.googleusercontent.com
maipdf.com
pagead2.googlesyndication.com
116.162.204.154
2404:2280:1cc:0:3::10
2409:8c20:8ab1:23:1::f4
2606:4700:3030::6815:aa7
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
1261fd4346979a9d0060d298656788874990245619f221287dd9e50d42f3fd1e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
50d186db4ea12f91041424d57ea9d75c388d38a9f74533d246e0fb814ad74a6c
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
688c16db9974d29c0c6d180b789b0b05a45b3c307c5c679cad408d667bcaac78
6b7dfb79b63e4202eaad4d930a87c85325776c5b800a672363283ad3dc73af1c
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
83159cb6ab2cd339ce3642c4f280475febe30aa21eea00d3cc355e8e7d5a18ea
8d321d88cb97fdedc3189506c25de9292c6e73a60ebaab496243346c6404480e
affee1e9783e4fd864d089dd460cdad37d0cd45a393efde1dfea3af2db7a27bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6af9d97298fef3e4d0a251d2d7f0f6c3f80779cfee79d34d6d9dc794ad2fdda
ee92839c9b2fc3d65eb9d3c3d4c49bdef56158464e9195fb0e2d3578e50afdd4
ffba1642f0db1a771cadab598213a5fe8852f917953b401a249feb53073e7f83