www.ilovepdf.com Open in urlscan Pro
104.20.1.94 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ilovepdf.com/pdf_to_word
Submission: On January 23 via manual (January 23rd 2023, 1:09:13 am UTC) from AU — Scanned from AU

Summary HTTP 76 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 25 IPs in 7 countries across 21 domains to perform 76 HTTP transactions. The main IP is 104.20.1.94, located in and belongs to CLOUDFLARENET, US. The main domain is www.ilovepdf.com. The Cisco Umbrella rank of the primary domain is 31663.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 2nd 2022. Valid for: a year.

This is the only time www.ilovepdf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	104.20.1.94 104.20.1.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.251.12.155 142.251.12.155	15169 (GOOGLE) (GOOGLE)
2	142.250.4.139 142.250.4.139	15169 (GOOGLE) (GOOGLE)
1	104.20.0.94 104.20.0.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.125.24.157 74.125.24.157	15169 (GOOGLE) (GOOGLE)
1	74.125.24.156 74.125.24.156	15169 (GOOGLE) (GOOGLE)
1	172.217.194.157 172.217.194.157	15169 (GOOGLE) (GOOGLE)
2	172.253.118.132 172.253.118.132	15169 (GOOGLE) (GOOGLE)
8	172.217.194.154 172.217.194.154	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	182.161.73.129 182.161.73.129	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
7	142.250.4.157 142.250.4.157	15169 (GOOGLE) (GOOGLE)
1	23.90.68.36 23.90.68.36	27381 (CASALE-MEDIA) (CASALE-MEDIA)
10	142.251.10.132 142.251.10.132	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1 3	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	74.125.24.105 74.125.24.105	15169 (GOOGLE) (GOOGLE)
4 4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	202.241.208.54 202.241.208.54	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2 2	13.33.88.71 13.33.88.71	16509 (AMAZON-02) (AMAZON-02)
3 4	142.251.10.155 142.251.10.155	15169 (GOOGLE) (GOOGLE)
1 2	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
1 6	139.5.84.243 139.5.84.243	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	34.111.151.213 34.111.151.213	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	185.183.112.148 185.183.112.148	60350 (VP) (VP)
1 1	103.229.10.171 103.229.10.171	16509 (AMAZON-02) (AMAZON-02)
1	172.64.151.162 172.64.151.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
76	25

14 104.20.1.94 (None, )

ASN13335 (CLOUDFLARENET, US)

www.ilovepdf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.4.139 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f139.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.0.94 (None, )

ASN13335 (CLOUDFLARENET, US)

evt.ilovepdf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net

adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.118.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f132.1e100.net

131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.4.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f157.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.90.68.36 (India)

ASN27381 (CASALE-MEDIA, CA)

a5345.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.154.237 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.24.105 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.54 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.88.71 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-71.sin2.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.10.155 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.155.104 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.5.84.243 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.151.213 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.148 (Meaux, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.10.171 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com 131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 156	135 KB
15	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 216	207 KB
15	ilovepdf.com www.ilovepdf.com — Cisco Umbrella Rank: 31663 evt.ilovepdf.com — Cisco Umbrella Rank: 36165	500 KB
11	casalemedia.com 2 redirects a5345.casalemedia.com ssum-sec.casalemedia.com — Cisco Umbrella Rank: 434 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528 dsum.casalemedia.com — Cisco Umbrella Rank: 1297	7 KB
7	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2596 google-bidout-d.openx.net — Cisco Umbrella Rank: 2546 us-u.openx.net — Cisco Umbrella Rank: 420 jp-u.openx.net — Cisco Umbrella Rank: 10656	2 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 301	2 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 554	659 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 279	2 KB
2	ladsp.com 2 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 28314	1 KB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 385	7 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	96 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 22	20 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 605	352 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 636	510 B
1	adotmob.com 1 redirects sync.adotmob.com — Cisco Umbrella Rank: 1513	667 B
1	brand-display.com 1 redirects dmp.brand-display.com — Cisco Umbrella Rank: 1488	350 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 935	854 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 637	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2762	8 KB
1	google.com.au adservice.google.com.au — Cisco Umbrella Rank: 67088	792 B
76	21

	Domain	Requested by
14	www.ilovepdf.com	www.ilovepdf.com
10	tpc.googlesyndication.com	131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com
8	pagead2.googlesyndication.com	www.ilovepdf.com 131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
6	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
5	googleads.g.doubleclick.net	www.ilovepdf.com 131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com googleads.g.doubleclick.net
5	securepubads.g.doubleclick.net	www.ilovepdf.com securepubads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects google-bidout-d.openx.net
4	match.adsrvr.org	4 redirects
3	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
3	ssum-sec.casalemedia.com	1 redirects 131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com ssum-sec.casalemedia.com
2	sync-tm.everesttech.net	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	cr-p3.ladsp.com	2 redirects
2	jp-u.openx.net	google-bidout-d.openx.net
2	us-u.openx.net	google-bidout-d.openx.net
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	oajs.openx.net	1 redirects
2	www.googletagservices.com	131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.ilovepdf.com
1	js-sec.indexww.com	ssum-sec.casalemedia.com
1	cms.quantserve.com	1 redirects
1	sync.adotmob.com	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	dmp.brand-display.com	1 redirects
1	tg.socdm.com	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	a5345.casalemedia.com	131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.com.au	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.ilovepdf.com
1	evt.ilovepdf.com	www.ilovepdf.com
76	34

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
www.instagram.com
developer.ilovepdf.com
wordpress.org
www.iloveimg.com
solidframework.net

Subject Issuer	Validity	Valid
*.ilovepdf.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-12-02` - `2023-03-02`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-24` - `2023-06-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.ilovepdf.com/pdf_to_word
Frame ID: 7AAFF12F989541F3679F7C7B451C47BB
Requests: 32 HTTP requests in this frame

Frame: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 136834C3DD0F8678F7BA485352A77BC9
Requests: 1 HTTP requests in this frame

Frame: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EAAC73E25118E63C573374D546928AAE
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2480754353&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=103.209.254.0&output=html&unviewed_position_start=1&url=https://www.ilovepdf.com/pdf_to_word&sub_client=bidder-785185&aceid=MDIZtAA9HLQAMNTmAEZbNAEOaDQBXoA0AUuCNAEjgzQBS4M0AVmDNAHUgzQB1YM0AfCDNAH0gzQB94M0Af6DNAH_gzQBAoQ0AQ6ENAEThDQBKIQ0ATmENAF6hDQBg4Q0AYSENAGIhDQBjYQ0AY6ENAGThDQBmIQ0AUtzQQFTc0EBfx5cAkofXAJiH1wCeUCqAidCqgIoQqoCEmiqAuqGqgLYjqoCgJuqAoGbqgKCm6oC_KaqAqKoqgJFvaoC29aqAlPZqgKM3aoCoOWqAtjxqgKi8qoC9PWqAmr4qgIK-6oCJvuqAkL7qgJ2_KoCIQirAsQMqwIeEKsCUBerAmIcqwIEHqsCnh6rAh8fqwKgIKsCWiGrAjwjqwINJqsCVCirAlwoqwLSKqsC-yurAugvqwJ-MKsCoTCrAs4wqwJ7MqsC_zOrAgI0qwJ7NKsCXjarAk43qwKhN6sC3DerAqw5qwK1OasCDTyrAiM8qwJwPasC9j6rAmZAqwKoQasC90GrAidCqwImRKsCnUSrAhdFqwISRqsCF0arAjxGqwKnR6sCv0mrAuBJqwKeSqsCI0yrAmRMqwI7TasCVk2rAqNNqwLvTasCKE6rArdPqwJ7UKsCE1GrAhVRqwKTUasC2VKrAvV0JAT6QtwJ0JP7Egmo-xI_sfsSIcX7EhXI-xJH3_sS-OX7Eu_t-xKd9PsSK_f7Eof3-xIPBPwSPgr8EkQK_BKTCvwS_Qr8Ej0L_BJFC_wSXQz8ErDwWShGGwdq&awbid_c=AKAmf-C5yULkZrBjq5cozT_dveb5sXZBwR5RnfHliV1q1LdU_UW9NIQJPykiYAUx68-pZ5oYw9uMjfW-AJ6A_ffQLpvB9w8Wz2iNE0-hk_BQmNlw9I0yNPQjp1R0jEMk2Vrz2y90XdL8OE7Z26Brn4DVL--2cN85YSTD1TV1ECZB7hIIpZGEP74&awbid_d=AKAmf-CipM_T5b3Ec_FtyWGSI-w6IwUSs-nE8kI1J2u8A1xWr7a3lWkHnZZ6MZ5B4hPCkYuCl1Cv4ZhFHK2YOpUHD2V13riN8Iperp8FyRMjrhhh9qpK29DVsCas_tOk2yyIeacQ2f_2q0T-iqMYhFxToIMxYJIc_BgLuPao2Pbgs0c5SAtIMipRYKQqn8_Bc3ZWmQ8UcpWvtMkPN1TuyfK2MA7YoP5MzhLhh32lxckR9vG9nlN_dFFoeW5nwD1nhz-z4ataIRz44H2fL9k2HKsOj3PJrC6k42pAJxSB4YzRi3sc-7rU5tp_Z2AQ-WfFNy3Q5GllhqL6khVrH83WTBQYgosE9NP-7mngKg-lhTHnQnwyRPmzHNjolx1e-yAO_J9LeWG6Qzmi6geypZLCPG1X_mfhEQUq0FLTZek_WPhSSaPriKOp0kQBdKj2Sg6xziMKfY1gfEOvEMMnBBG1B5VIi2YFflw57dvzwNu4WPAQNYIoPs8PgYdyB0mqi177dWquKCQoLXpOknxi7yyA0zCJEYIQhVAU6CYCrPwbRpqbU6NzldUAa6ypUxr1Gz_634eXEkd3KG3_yDPv0QkGcCkdfwUGkHlIp1yHmNwlr8a33JkDNwsZeAKZMgRL_29eFuteCBcyCs5LQv4gquEoxUQd-DUT2taATR-2lfgz5Lf7jLFupZ2G4KmeMDj4ej_qCmq2hhM30sJw6yFrZbpEbjfERL7BGSwWUQ&cid=CAQSGwDq26N9GcD_9cz1m2MkFhZuFE8URsmFgrBT0RgBIAo&exk=19681368&rfl=https%3A%2F%2Fwww.ilovepdf.com%2F&a_pr=13:Y83eMwAAAAD3dZSvQ3mJRvm8cAo0cGN2TKmgug
Frame ID: 5FFEEBAF47D5C1DFF622953E8BC490CC
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ilovepdf.com
Frame ID: 83DE3314A422B0477E4793D95B1952E8
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=198292&us_privacy=&gdpr_consent=&gdpr=0&C=1
Frame ID: E388E7BD91C8770765F66A6E319EB433
Requests: 10 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 6746DA840C748EE49EC59B1FD935EF85
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 31C8FF0A9AEEC86C030128F5C73AC464
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E55903108A6636318C3AB05BD4AF3BF1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DFDCE3359BF505E6AC83862ABD69584C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Frame ID: C7B683A7A0B23F060DD00397C3D18F3B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PDF to WORD | Convert PDF to Word online for free

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

76
Requests

83 %
HTTPS

0 %
IPv6

21
Domains

34
Subdomains

25
IPs

7
Countries

996 kB
Transfer

2881 kB
Size

35
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/ilovepdf_com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ilovepdfcom-238648522858564/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/ilovepdf/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ilovepdf_official/

Search URL Search Domain Scan URL

URL: https://developer.ilovepdf.com/
Title: API Rest

Search URL Search Domain Scan URL

URL: https://wordpress.org/plugins/ilovepdf/
Title: Wordpress Plugin

Search URL Search Domain Scan URL

URL: https://www.iloveimg.com/
Title: iLoveIMG

Search URL Search Domain Scan URL

URL: https://solidframework.net/#solidframework
Title: Solid Documents

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.ilovepdf.com%2Fpdf_to_word&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.ilovepdf.com%2Fpdf_to_word&rid=esp&cc=1

Request Chain 42

https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=198292&us_privacy=&gdpr_consent=&gdpr=0 HTTP 302
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=198292&us_privacy=&gdpr_consent=&gdpr=0&C=1

Request Chain 57

https://match.adsrvr.org/track/cmf/openx?oxid=dc3c43dd-91a5-7915-ee27-f450303ad654&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=dc3c43dd-91a5-7915-ee27-f450303ad654&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e12d9056-0d04-4f11-b14f-40251b0565de&ttd_puid=dc3c43dd-91a5-7915-ee27-f450303ad654&gdpr=0&gdpr_consent=

Request Chain 58

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y83eNsCo5sIAAGuS1BcAAAAA

Request Chain 59

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZLUqGw6tR3dks8ADzHow2Aplc8AAAGF3CwFvw

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIcsvrMnM_rlIwnjk_fLx5M&google_cver=1

Request Chain 62

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y83eNfPc7Lm1s5_T4XvnYAAAFNkAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y83eNfPc7Lm1s5_T4XvnYAAAFNkAAAIB&dcc=t

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y83eNfPc7Lm1s5_T4XvnYAAAFNkAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBwnI5KU00SC2qzBveNQI6E&google_cver=1

Request Chain 64

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y83eNfPc7Lm1s5-T4XvnYAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAS-_210vVPH2P8Jcukk6i0&google_cver=1

Request Chain 65

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://match.adsrvr.org/track/cmb/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e12d9056-0d04-4f11-b14f-40251b0565de&expiration=1677028150&gdpr=0&gdpr_consent=

Request Chain 66

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y83eNgABca9lmwBB HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y83eNgABca9lmwBB&_test=Y83eNgABca9lmwBB

Request Chain 67

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=5171746f-5158-d6f1-5d75add9

Request Chain 68

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D

Request Chain 69

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dmsJzSQ9WZ9tblqYd2BHmyM9W59tPFmQcDmfpebT

Request Chain 73

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

76 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request pdf_to_word Show response
www.ilovepdf.com/ 49 KB
14 KB 438ms
255ms Document
text/html 104.20.1.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ilovepdf.com/pdf_to_word
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.1.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4b77c25f261a2d6179306d7b55d96966e3a242cb60038ae9599d7535f8c0e1b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-railgun: bf207a6b0c stream 0.000000 0211 57da
cf-ray: 78dca4567fb317c9-MEL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 23 Jan 2023 01:09:05 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare

GET
H2 200 rawline-700.woff2
www.ilovepdf.com/font/ 25 KB
25 KB 120ms
115ms Font
font/woff2 104.20.1.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ilovepdf.com/font/rawline-700.woff2
Requested by: Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/pdf_to_word
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.1.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e472907fe467d7c983c37e707818cef2aa417a0bff42566cd98d0e5796d8b2c3

Request headers

Referer: https://www.ilovepdf.com/pdf_to_word
Origin: https://www.ilovepdf.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:05 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2019 07:18:24 GMT
server: cloudflare
age: 4647
etag: "5c8f4640-6254"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=345600
accept-ranges: bytes
cf-ray: 78dca458399f17c9-MEL
content-length: 25172
expires: Fri, 27 Jan 2023 01:09:05 GMT

GET
H2 200 rawline-600.woff2
www.ilovepdf.com/font/ 25 KB
25 KB 203ms
198ms Font
font/woff2 104.20.1.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ilovepdf.com/font/rawline-600.woff2
Requested by: Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/pdf_to_word
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.1.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c97ed79dd62bd1a56e24bdb59757bbe86b7ba70cb1a89cdfa66fb26238763e5

Request headers

Referer: https://www.ilovepdf.com/pdf_to_word
Origin: https://www.ilovepdf.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:05 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2019 07:18:24 GMT
server: cloudflare
age: 4647
etag: "5c8f4640-6420"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=345600
accept-ranges: bytes
cf-ray: 78dca45839a717c9-MEL
content-length: 25632
expires: Fri, 27 Jan 2023 01:09:05 GMT

GET
H2 200 rawline-500.woff2
www.ilovepdf.com/font/ 24 KB
24 KB 99ms
94ms Font
font/woff2 104.20.1.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ilovepdf.com/font/rawline-500.woff2
Requested by: Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/pdf_to_word
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.1.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7aba69a57f92693834494997b6c38c00a52c8346c122c3628bd854e9bc7ad90

Request headers

Referer: https://www.ilovepdf.com/pdf_to_word
Origin: https://www.ilovepdf.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:05 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2019 07:18:24 GMT
server: cloudflare
age: 4647
etag: "5c8f4640-6098"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=345600
accept-ranges: bytes
cf-ray: 78dca45839a817c9-MEL
content-length: 24728
expires: Fri, 27 Jan 2023 01:09:05 GMT

GET
H2 200 rawline-400.woff2
www.ilovepdf.com/font/ 24 KB
25 KB 185ms
180ms Font
font/woff2 104.20.1.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ilovepdf.com/font/rawline-400.woff2
Requested by: Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/pdf_to_word
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.1.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e8c8071d1877ad49ef32df902e016a892973c13b3091002ad1e4a38dfab4da

Request headers

Referer: https://www.ilovepdf.com/pdf_to_word
Origin: https://www.ilovepdf.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:05 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2019 07:18:24 GMT
server: cloudflare
age: 4647
etag: "5c8f4640-61d0"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=345600
accept-ranges: bytes
cf-ray: 78dca45839a917c9-MEL
content-length: 25040
expires: Fri, 27 Jan 2023 01:09:05 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 657ms
218ms Script
text/javascript 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/pdf_to_word

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

sffe /

Resource Hash

16e2be2ff28a658af23b62e6a0c48e2a5bb8d3cf3910c7fad907842b7f0f96fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27765
x-xss-protection: 0
server: sffe
etag: "1460 / 522 of 1000 / last-modified: 1674256154"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 23 Jan 2023 01:09:06 GMT

GET
H2 200 app.385af4b.css
www.ilovepdf.com/dist/css/ 444 KB
81 KB 185ms
181ms Stylesheet
text/css 104.20.1.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ilovepdf.com/dist/css/app.385af4b.css
Requested by: Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/pdf_to_word
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.1.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee9517018ef837e4ebd9b5137865b51f1f76a83b44ac4cac1ab2a425996f6dcc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/pdf_to_word
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Jan 2023 08:54:36 GMT
server: cloudflare
age: 4647
etag: W/"63ccf9cc-6f1b3"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=345600
cf-ray: 78dca45839a517c9-MEL
expires: Fri, 27 Jan 2023 01:09:05 GMT

GET
H2 200 ilovepdf.svg
www.ilovepdf.com/img/ 2 KB
1 KB 184ms
179ms Image
image/svg+xml 104.20.1.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ilovepdf.com/img/ilovepdf.svg
Requested by: Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/pdf_to_word
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.1.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c88f92c742e5e19a5538c43a63b4c766fb984bd2427cea8ca42d1331b2104b2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/pdf_to_word
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2019 07:18:24 GMT
server: cloudflare
age: 4647
etag: W/"5c8f4640-853"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=345600
cf-ray: 78dca45839aa17c9-MEL
expires: Fri, 27 Jan 2023 01:09:05 GMT

GET
H2 200 preload.svg
www.ilovepdf.com/img/svg_icons/ 709 B
452 B 182ms
178ms Image
image/svg+xml 104.20.1.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ilovepdf.com/img/svg_icons/preload.svg
Requested by: Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/pdf_to_word
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.1.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20adaaa0b333d54aa1a45bec0865c90afcef898b4d172182144813d3eaa30095

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/pdf_to_word
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2019 07:18:26 GMT
server: cloudflare
age: 4647
etag: W/"5c8f4642-2c5"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=345600
cf-ray: 78dca45839ab17c9-MEL
expires: Fri, 27 Jan 2023 01:09:05 GMT

GET
H2 200 app.385af4b.js Show response
www.ilovepdf.com/dist/js/ 786 KB
213 KB 184ms
181ms Script
application/javascript 104.20.1.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ilovepdf.com/dist/js/app.385af4b.js
Requested by: Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/pdf_to_word
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.1.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dca631a2f5486bea05bbf285295db91c8d062d36764ef1d567e6b3d8459d43b1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/pdf_to_word
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Jan 2023 08:55:27 GMT
server: cloudflare
age: 4647
etag: W/"63ccf9ff-c4967"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=345600
cf-ray: 78dca45839ac17c9-MEL
expires: Fri, 27 Jan 2023 01:09:05 GMT

GET
H2 200 plupload.full.min.js
www.ilovepdf.com/js/plupload/ 0
38 KB 183ms
180ms Other
application/javascript 104.20.1.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ilovepdf.com/js/plupload/plupload.full.min.js
Requested by: Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/pdf_to_word
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.1.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ilovepdf.com/pdf_to_word
Origin: https://www.ilovepdf.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2019 07:18:26 GMT
server: cloudflare
age: 4646
etag: W/"5c8f4642-1e97c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=345600
cf-ray: 78dca45839ad17c9-MEL
expires: Fri, 27 Jan 2023 01:09:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 903ms
220ms Script
text/javascript 142.250.4.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/pdf_to_word

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f139.1e100.net

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 22 Jan 2023 23:57:24 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4302
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20085
expires: Mon, 23 Jan 2023 01:57:24 GMT

GET
H2 200 ev.min.js Show response
www.ilovepdf.com/js/ 2 KB
1 KB 94ms
94ms Script
application/javascript 104.20.1.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ilovepdf.com/js/ev.min.js
Requested by: Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/pdf_to_word
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.1.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9be39fb80c8b843560c1e95a82311c01c0e71c1f23a99815db73fbb3e502c229

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/pdf_to_word
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Jan 2023 20:48:24 GMT
server: cloudflare
age: 4647
etag: W/"63bc7d98-923"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=345600
cf-ray: 78dca45a2c2217c9-MEL
expires: Fri, 27 Jan 2023 01:09:06 GMT

GET
H2 200 sprite.svg
www.ilovepdf.com/img/icons/ 56 KB
15 KB 108ms
107ms Image
image/svg+xml 104.20.1.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ilovepdf.com/img/icons/sprite.svg
Requested by: Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/dist/css/app.385af4b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.1.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a67cce83f00b235fcf5bbdfd05f68fef4d4c1e464969b480a4272dd3cd3afae7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/dist/css/app.385af4b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 30 Oct 2022 12:58:03 GMT
server: cloudflare
age: 4647
etag: W/"635e74db-e185"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=345600
cf-ray: 78dca45a4c5117c9-MEL
expires: Fri, 27 Jan 2023 01:09:06 GMT

GET
H2 200 chevron_right_g.svg
www.ilovepdf.com/img/items/ 252 B
257 B 107ms
107ms Image
image/svg+xml 104.20.1.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ilovepdf.com/img/items/chevron_right_g.svg
Requested by: Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/dist/css/app.385af4b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.1.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbe016c986a7e9db828e3efca070e090a2a7867dbbb45f957c217aa45aed62d0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/dist/css/app.385af4b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2019 07:18:24 GMT
server: cloudflare
age: 4646
etag: W/"5c8f4640-fc"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=345600
cf-ray: 78dca45a5c6017c9-MEL
expires: Fri, 27 Jan 2023 01:09:06 GMT

GET
H2 200 /
evt.ilovepdf.com/ 0
0 287ms
102ms Fetch
application/json 104.20.0.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://evt.ilovepdf.com/?t=pageview&ev=1674436146323-12341353426&_l=en-US&_r=&_u=https://www.ilovepdf.com/pdf_to_word&_s=1600x1200&_w=1600x1200&_d=ilovepdf&_m=www&_c=tool&_a=pdfword
Requested by: Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/js/ev.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.0.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:06 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ilovepdf.com
cf-ray: 78dca45c0e91df9d-MEL
access-control-allow-headers: X-Requested-With, Keep-Alive, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers
content-length: 0

GET
H2 200 plupload.full.min.js Show response
www.ilovepdf.com/js/plupload/ 122 KB
38 KB 253ms
253ms Script
application/javascript 104.20.1.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ilovepdf.com/js/plupload/plupload.full.min.js
Requested by: Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/dist/js/app.385af4b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.1.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612e6dcb0d737bda0dd56b14b1db75f482e37a53029a86615b047930a68fc1d5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/pdf_to_word
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2019 07:18:26 GMT
server: cloudflare
etag: W/"5c8f4642-1e97c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=345600
cf-ray: 78dca45b5da717c9-MEL
expires: Fri, 27 Jan 2023 01:09:06 GMT

GET
DATA 200
OK truncated
/ 286 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98cd8cd3dcfe89d4cf8b98107324d92e17738834eca23d0e24fa0cb89e7501cc

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 pubads_impl_2023011201.js Show response
securepubads.g.doubleclick.net/gpt/ 383 KB
130 KB 220ms
218ms Script
text/javascript 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js?cb=31071686

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

sffe /

Resource Hash

cbeaba9fbcc1297735946d95f4d571102722a6064abb2e95ed5fd45261812033

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 21:28:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 445250
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132462
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 09:35:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 17 Jan 2024 21:28:16 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 445 B
257 B 653ms
219ms XHR
application/json 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ilovepdf.com

Requested by

Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/dist/js/app.385af4b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

fcc3b40f932b64236abd737a804559ca4d9c8fdabed192b2d96c5b65374fb9a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 0
expires: Mon, 23 Jan 2023 01:09:07 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 220ms
220ms XHR
text/plain 142.250.4.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=784486126&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ilovepdf.com%2Fpdf_to_word&ul=en-us&de=UTF-8&dt=PDF%20to%20WORD%20%7C%20Convert%20PDF%20to%20Word%20online%20for%20free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=893094032&gjid=611430015&cid=10466660.1674436147&tid=UA-12651114-1&_gid=1499164948.1674436147&_r=1&_slc=1&z=1581939303

Requested by

Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/dist/js/app.385af4b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f139.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ilovepdf.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:09:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ilovepdf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 669ms
221ms XHR
text/plain 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-12651114-1&cid=10466660.1674436147&jid=893094032&gjid=611430015&_gid=1499164948.1674436147&_u=IEBAAEAAAAAAACAAI~&z=2118827997

Requested by

Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/dist/js/app.385af4b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ilovepdf.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 23 Jan 2023 01:09:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ilovepdf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
792 B 669ms
221ms Script
application/javascript 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=www.ilovepdf.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js?cb=31071686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 667ms
220ms Script
application/javascript 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ilovepdf.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js?cb=31071686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 679ms
679ms XHR
text/plain 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3351966501259750&correlator=2167817721378222&eid=31071681%2C31071686%2C31071603&output=ldjh&gdfp_req=1&vrg=2023011201&ptt=17&impl=fifs&iu_parts=22379932707%2Cilovepdf_leaderboard%2Cilovepdf_leaderboard_pdfoffice&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90&ifi=1&adks=2782930585&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1674436147489&lmt=1674436147&dlt=1674436145885&idt=1559&adxs=315&adys=1124&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ilovepdf.com%2Fpdf_to_word&frm=20&vis=1&psz=970x0&msz=970x0&fws=4&ohw=1600&ga_vid=10466660.1674436147&ga_sid=1674436147&ga_hid=784486126&ga_fc=true

Requested by

Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/dist/js/app.385af4b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

82e45cc17575a7f33748290a95d494ce77936d2127b00ca936d0f74979297585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 397208
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12328
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 603495
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ilovepdf.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1368 6 KB
3 KB 656ms
217ms Document
text/html 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js?cb=31071686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ilovepdf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 01:09:08 GMT
expires: Tue, 23 Jan 2024 01:09:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 664ms
225ms XHR
application/json 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011201&st=env

Requested by

Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/dist/js/app.385af4b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

304e438d00d7b9be776758eba9044fb81a903f1745d59290cc68e0a82f31fdbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11146
x-xss-protection: 0

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 266ms
87ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js?cb=31071686
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 02:52:58 GMT
content-encoding: gzip
age: 512170
x-guploader-uploadid: ADPycdvg0gYs5MUbDaaWHJH03QZqUaraiqxfFddulfG09pAL3yK-XoAvFU1wjQBWPTkLmFsCH6AgOYR4A-YGBXKvOODTncXREHIB
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 17 Jan 2024 02:52:58 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 542ms
191ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js?cb=31071686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

5acb6bfb13d8aa6e8433b58c8ee60164ca1946736ef8236e346adf5e240f6247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 10 Jan 2023 22:25:06 GMT
server: nginx
etag: W/"63bde5c2-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 24 Jan 2023 01:09:08 GMT

GET
H2 200 container.html Show response
131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EAAC 6 KB
3 KB 218ms
217ms Document
text/html 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js?cb=31071686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ilovepdf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 01:09:08 GMT
expires: Tue, 23 Jan 2024 01:09:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EAAC 0
0 259ms
258ms Fetch
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CPGhFM97NY67eJfmKmsMPgcm68A6eoaGuXKH56P6fA8CNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi0xNjAxMzM2MjY1OTc0ODkwyAEJ4AIAqAMBqgSZAk_QQfqHBkGV2rrsS3sWKWfMiRvRmATV3LLA90ovghIyoRYlvciR7mrv6WoGeHTYj7AQtwwpj_jMNIpHBZV-p3RD46BfBhC-oZghxlVv-z1B_BpD2Nb_8ITRijC5nCTT-zULdvt7p4iZv3ORDGh-wz3mt1pRm6fdgjwCm9cUcqoz-Qze8gK9dJ32TxhKYQiOzBgOfv1vUtHYAps66hHmHCsWmlAdr9IrKTg3uM48b5-T4RwvaacaHulS9I_xADdKmHJXAL74YkCEKw379Aq_Di12Ct1LxDL66p5pPiHirkrT4fe_PoJ0-PpY97LrWf-6xMZ16zaRxNddr4GNB65_YhBzKp0nCnWnD7m4r-Wq16W0zvTIr7Ix5q4O4AQBgAaJk8CWpoHPt1egBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xNjAxMzM2MjY1OTc0ODkwGLCLfA&sigh=i1S2rYTsMUQ&uach_m=[UACH]&cid=CAQSTADUE5ymVEMVmc6puHGiyXIQUQgv21dOoULuJYJ21GQQshf_Yo6X7lvcCimZAaZsZmumhKzhBf1abGd_XkDflNhAaygt4qCTQPustPsYASAT
Requested by: Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/pdf_to_word
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f155.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame 5FFE 82 KB
33 KB 706ms
258ms Document
text/html 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch?adk=2480754353&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=103.209.254.0&output=html&unviewed_position_start=1&url=https://www.ilovepdf.com/pdf_to_word&sub_client=bidder-785185&aceid=MDIZtAA9HLQAMNTmAEZbNAEOaDQBXoA0AUuCNAEjgzQBS4M0AVmDNAHUgzQB1YM0AfCDNAH0gzQB94M0Af6DNAH_gzQBAoQ0AQ6ENAEThDQBKIQ0ATmENAF6hDQBg4Q0AYSENAGIhDQBjYQ0AY6ENAGThDQBmIQ0AUtzQQFTc0EBfx5cAkofXAJiH1wCeUCqAidCqgIoQqoCEmiqAuqGqgLYjqoCgJuqAoGbqgKCm6oC_KaqAqKoqgJFvaoC29aqAlPZqgKM3aoCoOWqAtjxqgKi8qoC9PWqAmr4qgIK-6oCJvuqAkL7qgJ2_KoCIQirAsQMqwIeEKsCUBerAmIcqwIEHqsCnh6rAh8fqwKgIKsCWiGrAjwjqwINJqsCVCirAlwoqwLSKqsC-yurAugvqwJ-MKsCoTCrAs4wqwJ7MqsC_zOrAgI0qwJ7NKsCXjarAk43qwKhN6sC3DerAqw5qwK1OasCDTyrAiM8qwJwPasC9j6rAmZAqwKoQasC90GrAidCqwImRKsCnUSrAhdFqwISRqsCF0arAjxGqwKnR6sCv0mrAuBJqwKeSqsCI0yrAmRMqwI7TasCVk2rAqNNqwLvTasCKE6rArdPqwJ7UKsCE1GrAhVRqwKTUasC2VKrAvV0JAT6QtwJ0JP7Egmo-xI_sfsSIcX7EhXI-xJH3_sS-OX7Eu_t-xKd9PsSK_f7Eof3-xIPBPwSPgr8EkQK_BKTCvwS_Qr8Ej0L_BJFC_wSXQz8ErDwWShGGwdq&awbid_c=AKAmf-C5yULkZrBjq5cozT_dveb5sXZBwR5RnfHliV1q1LdU_UW9NIQJPykiYAUx68-pZ5oYw9uMjfW-AJ6A_ffQLpvB9w8Wz2iNE0-hk_BQmNlw9I0yNPQjp1R0jEMk2Vrz2y90XdL8OE7Z26Brn4DVL--2cN85YSTD1TV1ECZB7hIIpZGEP74&awbid_d=AKAmf-CipM_T5b3Ec_FtyWGSI-w6IwUSs-nE8kI1J2u8A1xWr7a3lWkHnZZ6MZ5B4hPCkYuCl1Cv4ZhFHK2YOpUHD2V13riN8Iperp8FyRMjrhhh9qpK29DVsCas_tOk2yyIeacQ2f_2q0T-iqMYhFxToIMxYJIc_BgLuPao2Pbgs0c5SAtIMipRYKQqn8_Bc3ZWmQ8UcpWvtMkPN1TuyfK2MA7YoP5MzhLhh32lxckR9vG9nlN_dFFoeW5nwD1nhz-z4ataIRz44H2fL9k2HKsOj3PJrC6k42pAJxSB4YzRi3sc-7rU5tp_Z2AQ-WfFNy3Q5GllhqL6khVrH83WTBQYgosE9NP-7mngKg-lhTHnQnwyRPmzHNjolx1e-yAO_J9LeWG6Qzmi6geypZLCPG1X_mfhEQUq0FLTZek_WPhSSaPriKOp0kQBdKj2Sg6xziMKfY1gfEOvEMMnBBG1B5VIi2YFflw57dvzwNu4WPAQNYIoPs8PgYdyB0mqi177dWquKCQoLXpOknxi7yyA0zCJEYIQhVAU6CYCrPwbRpqbU6NzldUAa6ypUxr1Gz_634eXEkd3KG3_yDPv0QkGcCkdfwUGkHlIp1yHmNwlr8a33JkDNwsZeAKZMgRL_29eFuteCBcyCs5LQv4gquEoxUQd-DUT2taATR-2lfgz5Lf7jLFupZ2G4KmeMDj4ej_qCmq2hhM30sJw6yFrZbpEbjfERL7BGSwWUQ&cid=CAQSGwDq26N9GcD_9cz1m2MkFhZuFE8URsmFgrBT0RgBIAo&exk=19681368&rfl=https%3A%2F%2Fwww.ilovepdf.com%2F&a_pr=13:Y83eMwAAAAD3dZSvQ3mJRvm8cAo0cGN2TKmgug

Requested by

Host: www.ilovepdf.com
URL: https://www.ilovepdf.com/pdf_to_word

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

0c72bfb31597b5195f40715c70ac37cfa218529813aa56abfeac4e1c2b721e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32965
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 01:09:09 GMT
expires: Mon, 23 Jan 2023 01:09:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame EAAC 7 KB
3 KB 665ms
216ms Script
text/javascript 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: 131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com
URL: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

2154b34bc0f6a1eb89ee530e36dfe7ed28abec06fa931e1838a00ea8bb2ee7db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 00:54:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 851
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3003
x-xss-protection: 0
server: cafe
etag: 2660866305706646737
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 23 Jan 2023 01:54:57 GMT

GET
H/1.1 200
OK v1
a5345.casalemedia.com/impression/ Frame EAAC 43 B
303 B 826ms
271ms Image
image/gif 23.90.68.36
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a5345.casalemedia.com/impression/v1?bidID=05b13fc2-2831-49eb-ab38-ecf95a157286&traceID=cf6tscu5traoj5ur6bi0&dspID=85&userID=&cmpro=0&deviceType=2&expiryTime=1674436747&ap=Y83eMwAJby4CZoV5AA6kgdzWwq7L7XojMIw5yg&siteID=785185&creativeID=88d781&pubID=198292&format=banner&channel=site
Requested by: Host: 131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com
URL: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.90.68.36 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Jan 2023 01:09:09 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EAAC 0
442 B 664ms
218ms Image
image/gif 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-DQzlBFSd1FSnglQegmn8ob0wdWOFUtRTle8SVUoIYSoIB_kLLzBYgYTbzSCQipDisORagUnz2s2zV-qWZCQLMElqbyVi56A2Ij5G4GVlZJOxkGyEE&pr=13:Y83eMwAAAAAerebGI5x0W1obB_UoW0H5x4JiNQ

Requested by

Host: 131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com
URL: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:09:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame EAAC 3 KB
1 KB 716ms
267ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js

Requested by

Host: 131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com
URL: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 16:50:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29922
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Feb 2023 16:50:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame EAAC 18 KB
8 KB 664ms
217ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com
URL: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 16:53:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Feb 2023 16:53:38 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EAAC 24 KB
7 KB 685ms
238ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com
URL: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 12:23:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45965
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Jan 2024 12:23:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EAAC 155 KB
48 KB 1368ms
912ms Script
text/javascript 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com
URL: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 01:09:09 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.ilovepdf.com%2Fpdf_to_word&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.ilovepdf.com%2Fpdf_to_word&rid=esp&cc=1

85 B
202 B

338ms
337ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.ilovepdf.com%2Fpdf_to_word&rid=esp&cc=1
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 94e218741d51b285092dce691354dda2355f0c7ed1121588a480fd7717c0c105

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:09 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-yv996v1gqvgultu15mPE9Qubpp4"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ilovepdf.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 23 Jan 2023 01:09:08 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.ilovepdf.com
location: /esp?url=https%3A%2F%2Fwww.ilovepdf.com%2Fpdf_to_word&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 290ms
268ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js?cb=31071686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 01:09:09 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 83DE 15 KB
6 KB 876ms
292ms Document
text/html 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ilovepdf.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ilovepdf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 01:09:09 GMT
server: Kestrel
server-processing-duration-in-ticks: 548063
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame E388
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=198292&us_privacy=&gdpr_consent=&gdpr=0
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=198292&us_privacy=&gdpr_consent=&gdpr=0&C=1

2 KB
917 B

202ms
201ms

Document
text/html

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=198292&us_privacy=&gdpr_consent=&gdpr=0&C=1
Requested by: Host: 131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com
URL: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b607b6a11833586686e1e6a5ed76fb75e35297d26271b8bd447f4c62176b1371

Request headers

Referer: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 78dca46ecba6299a-MEL
content-encoding: br
content-type: text/html
date: Mon, 23 Jan 2023 01:09:09 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iP9wa8foQYY0iPGfZLZFfdQWIeaznby1u1ASlM43%2Bq6q7%2Ftv%2FkOB0eLPnJm63MAcnDLdiQTC2TmzLZzB5HDYERxYbN%2BtziGDK1FqZSl%2B06yueITjbXkLb7jYzpiGBqKIco5RckFWOm8iuA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 78dca46d8a5d299a-MEL
content-length: 0
date: Mon, 23 Jan 2023 01:09:09 GMT
expires: 0
location: /usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=198292&us_privacy=&gdpr_consent=&gdpr=0&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbGeJVe%2BDV2A4y8GqoSjS4KpzTU5mMimc2RmP2TJu9UY%2B1Tsz7XhTdGXqd4Cn4Iz3JQUFXmDCgYdi%2FQigtszXkKQvYognJTvi4MJ%2FK1VJCw5d1knGaWUH7aznP6PSZNmIt%2BBbTNIR61LuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame EAAC 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61597725c192a8199ae5d91ab3993daa54f29c520579660d4e66c8a954d17d3b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 6746 484 B
734 B 359ms
180ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4695e4ab56d7ba87493bfa5cb4764b58f1a7443d1d0ab7e27c79603097f7c2fa

Request headers

Referer: https://www.ilovepdf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 308
content-type: text/html
date: Mon, 23 Jan 2023 01:09:09 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5FFE 0
105 B 229ms
227ms Image
text/html 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CN-_OM97NY--aLZCI8ALJp42AA4vglr5ty-eNwOkQwI23ARABILflhCFgpcCjgKQBoAGDro25A8gBAqgDAcgDyQSqBOIBT9A5LHa8TIiOPxv1ZK8TEHc2BQcqd6KMrHNo8VtumBz_3Fg_peSua40LrtMXpXodO1vgmd8M5CayaR8w4EDUa2N8Vy0QPwDzEZ7afQOwV_WQIzHHXToxCXKzKKdIL0ADJ49eowYaXXMW3CuBXBd-VdCcKX-jcDx7r37PRMCtjw_6PV_4uQzeQcys12lH0WG0CyWosrg2NPAwnii71tGnUmodgQ-KLEucPgZmbi44LZqya1jjfOKzPxOL4PcfwQpMsRze2dNlNK-AQ__DqCahoJQ26c978yHCsRftLttDXDcDTsAE28fz4pUEkgUECAQYAZIFBAgFGASgBgKAB-XR8kaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAdIIDwiAYRABGAAyAooCOgKAQPIIDWJpZGRlci03ODUxODWACgTICwHYEwzQFQGYFgGAFwGyFwgKBggAEgAYAA&sigh=M11h8E1G2q4&uach_m=[UACH]&pr=13:Y83eMwAAAAD3dZSvQ3mJRvm8cAo0cGN2TKmgug&cid=CAQSKQDq26N9zbbb-AEhO83NjrfhDNK_n6HBKeAiycLUAg_IEo8DSPvq4V-xGAEgCg&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2480754353&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=103.209.254.0&output=html&unviewed_position_start=1&url=https://www.ilovepdf.com/pdf_to_word&sub_client=bidder-785185&aceid=MDIZtAA9HLQAMNTmAEZbNAEOaDQBXoA0AUuCNAEjgzQBS4M0AVmDNAHUgzQB1YM0AfCDNAH0gzQB94M0Af6DNAH_gzQBAoQ0AQ6ENAEThDQBKIQ0ATmENAF6hDQBg4Q0AYSENAGIhDQBjYQ0AY6ENAGThDQBmIQ0AUtzQQFTc0EBfx5cAkofXAJiH1wCeUCqAidCqgIoQqoCEmiqAuqGqgLYjqoCgJuqAoGbqgKCm6oC_KaqAqKoqgJFvaoC29aqAlPZqgKM3aoCoOWqAtjxqgKi8qoC9PWqAmr4qgIK-6oCJvuqAkL7qgJ2_KoCIQirAsQMqwIeEKsCUBerAmIcqwIEHqsCnh6rAh8fqwKgIKsCWiGrAjwjqwINJqsCVCirAlwoqwLSKqsC-yurAugvqwJ-MKsCoTCrAs4wqwJ7MqsC_zOrAgI0qwJ7NKsCXjarAk43qwKhN6sC3DerAqw5qwK1OasCDTyrAiM8qwJwPasC9j6rAmZAqwKoQasC90GrAidCqwImRKsCnUSrAhdFqwISRqsCF0arAjxGqwKnR6sCv0mrAuBJqwKeSqsCI0yrAmRMqwI7TasCVk2rAqNNqwLvTasCKE6rArdPqwJ7UKsCE1GrAhVRqwKTUasC2VKrAvV0JAT6QtwJ0JP7Egmo-xI_sfsSIcX7EhXI-xJH3_sS-OX7Eu_t-xKd9PsSK_f7Eof3-xIPBPwSPgr8EkQK_BKTCvwS_Qr8Ej0L_BJFC_wSXQz8ErDwWShGGwdq&awbid_c=AKAmf-C5yULkZrBjq5cozT_dveb5sXZBwR5RnfHliV1q1LdU_UW9NIQJPykiYAUx68-pZ5oYw9uMjfW-AJ6A_ffQLpvB9w8Wz2iNE0-hk_BQmNlw9I0yNPQjp1R0jEMk2Vrz2y90XdL8OE7Z26Brn4DVL--2cN85YSTD1TV1ECZB7hIIpZGEP74&awbid_d=AKAmf-CipM_T5b3Ec_FtyWGSI-w6IwUSs-nE8kI1J2u8A1xWr7a3lWkHnZZ6MZ5B4hPCkYuCl1Cv4ZhFHK2YOpUHD2V13riN8Iperp8FyRMjrhhh9qpK29DVsCas_tOk2yyIeacQ2f_2q0T-iqMYhFxToIMxYJIc_BgLuPao2Pbgs0c5SAtIMipRYKQqn8_Bc3ZWmQ8UcpWvtMkPN1TuyfK2MA7YoP5MzhLhh32lxckR9vG9nlN_dFFoeW5nwD1nhz-z4ataIRz44H2fL9k2HKsOj3PJrC6k42pAJxSB4YzRi3sc-7rU5tp_Z2AQ-WfFNy3Q5GllhqL6khVrH83WTBQYgosE9NP-7mngKg-lhTHnQnwyRPmzHNjolx1e-yAO_J9LeWG6Qzmi6geypZLCPG1X_mfhEQUq0FLTZek_WPhSSaPriKOp0kQBdKj2Sg6xziMKfY1gfEOvEMMnBBG1B5VIi2YFflw57dvzwNu4WPAQNYIoPs8PgYdyB0mqi177dWquKCQoLXpOknxi7yyA0zCJEYIQhVAU6CYCrPwbRpqbU6NzldUAa6ypUxr1Gz_634eXEkd3KG3_yDPv0QkGcCkdfwUGkHlIp1yHmNwlr8a33JkDNwsZeAKZMgRL_29eFuteCBcyCs5LQv4gquEoxUQd-DUT2taATR-2lfgz5Lf7jLFupZ2G4KmeMDj4ej_qCmq2hhM30sJw6yFrZbpEbjfERL7BGSwWUQ&cid=CAQSGwDq26N9GcD_9cz1m2MkFhZuFE8URsmFgrBT0RgBIAo&exk=19681368&rfl=https%3A%2F%2Fwww.ilovepdf.com%2F&a_pr=13:Y83eMwAAAAD3dZSvQ3mJRvm8cAo0cGN2TKmgug

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2480754353&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=103.209.254.0&output=html&unviewed_position_start=1&url=https://www.ilovepdf.com/pdf_to_word&sub_client=bidder-785185&aceid=MDIZtAA9HLQAMNTmAEZbNAEOaDQBXoA0AUuCNAEjgzQBS4M0AVmDNAHUgzQB1YM0AfCDNAH0gzQB94M0Af6DNAH_gzQBAoQ0AQ6ENAEThDQBKIQ0ATmENAF6hDQBg4Q0AYSENAGIhDQBjYQ0AY6ENAGThDQBmIQ0AUtzQQFTc0EBfx5cAkofXAJiH1wCeUCqAidCqgIoQqoCEmiqAuqGqgLYjqoCgJuqAoGbqgKCm6oC_KaqAqKoqgJFvaoC29aqAlPZqgKM3aoCoOWqAtjxqgKi8qoC9PWqAmr4qgIK-6oCJvuqAkL7qgJ2_KoCIQirAsQMqwIeEKsCUBerAmIcqwIEHqsCnh6rAh8fqwKgIKsCWiGrAjwjqwINJqsCVCirAlwoqwLSKqsC-yurAugvqwJ-MKsCoTCrAs4wqwJ7MqsC_zOrAgI0qwJ7NKsCXjarAk43qwKhN6sC3DerAqw5qwK1OasCDTyrAiM8qwJwPasC9j6rAmZAqwKoQasC90GrAidCqwImRKsCnUSrAhdFqwISRqsCF0arAjxGqwKnR6sCv0mrAuBJqwKeSqsCI0yrAmRMqwI7TasCVk2rAqNNqwLvTasCKE6rArdPqwJ7UKsCE1GrAhVRqwKTUasC2VKrAvV0JAT6QtwJ0JP7Egmo-xI_sfsSIcX7EhXI-xJH3_sS-OX7Eu_t-xKd9PsSK_f7Eof3-xIPBPwSPgr8EkQK_BKTCvwS_Qr8Ej0L_BJFC_wSXQz8ErDwWShGGwdq&awbid_c=AKAmf-C5yULkZrBjq5cozT_dveb5sXZBwR5RnfHliV1q1LdU_UW9NIQJPykiYAUx68-pZ5oYw9uMjfW-AJ6A_ffQLpvB9w8Wz2iNE0-hk_BQmNlw9I0yNPQjp1R0jEMk2Vrz2y90XdL8OE7Z26Brn4DVL--2cN85YSTD1TV1ECZB7hIIpZGEP74&awbid_d=AKAmf-CipM_T5b3Ec_FtyWGSI-w6IwUSs-nE8kI1J2u8A1xWr7a3lWkHnZZ6MZ5B4hPCkYuCl1Cv4ZhFHK2YOpUHD2V13riN8Iperp8FyRMjrhhh9qpK29DVsCas_tOk2yyIeacQ2f_2q0T-iqMYhFxToIMxYJIc_BgLuPao2Pbgs0c5SAtIMipRYKQqn8_Bc3ZWmQ8UcpWvtMkPN1TuyfK2MA7YoP5MzhLhh32lxckR9vG9nlN_dFFoeW5nwD1nhz-z4ataIRz44H2fL9k2HKsOj3PJrC6k42pAJxSB4YzRi3sc-7rU5tp_Z2AQ-WfFNy3Q5GllhqL6khVrH83WTBQYgosE9NP-7mngKg-lhTHnQnwyRPmzHNjolx1e-yAO_J9LeWG6Qzmi6geypZLCPG1X_mfhEQUq0FLTZek_WPhSSaPriKOp0kQBdKj2Sg6xziMKfY1gfEOvEMMnBBG1B5VIi2YFflw57dvzwNu4WPAQNYIoPs8PgYdyB0mqi177dWquKCQoLXpOknxi7yyA0zCJEYIQhVAU6CYCrPwbRpqbU6NzldUAa6ypUxr1Gz_634eXEkd3KG3_yDPv0QkGcCkdfwUGkHlIp1yHmNwlr8a33JkDNwsZeAKZMgRL_29eFuteCBcyCs5LQv4gquEoxUQd-DUT2taATR-2lfgz5Lf7jLFupZ2G4KmeMDj4ej_qCmq2hhM30sJw6yFrZbpEbjfERL7BGSwWUQ&cid=CAQSGwDq26N9GcD_9cz1m2MkFhZuFE8URsmFgrBT0RgBIAo&exk=19681368&rfl=https%3A%2F%2Fwww.ilovepdf.com%2F&a_pr=13:Y83eMwAAAAD3dZSvQ3mJRvm8cAo0cGN2TKmgug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 23 Jan 2023 01:09:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 6444447348440430194
tpc.googlesyndication.com/simgad/ Frame 5FFE 18 KB
19 KB 219ms
218ms Image
image/png 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6444447348440430194?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnwoXJOimE6Kh8Urb34YDNeE57eoA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

892a16ba16b558331f184f4e49e57e58ec45c16dff8a5a353b5c8c9643d19d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 22:25:56 GMT
x-content-type-options: nosniff
age: 182593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18681
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 17:25:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 Jan 2024 22:25:56 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 31C8 13 KB
5 KB 263ms
263ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ilovepdf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 127095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 13:50:54 GMT
expires: Sun, 21 Jan 2024 13:50:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E559 783 B
1 KB 813ms
238ms Document
text/html 74.125.24.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f105.1e100.net

Software

GSE /

Resource Hash

737b242477a1f9ef3365b446cf627795378fa5244402c67727bbfb81a8a99ddb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TfVyK0C12Jqyt0MsVYBiDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ilovepdf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-TfVyK0C12Jqyt0MsVYBiDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 01:09:10 GMT
expires: Mon, 23 Jan 2023 01:09:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 5FFE 28 KB
11 KB 269ms
268ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 16:49:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29999
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10811
x-xss-protection: 0
server: cafe
etag: 10713822464293745175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Feb 2023 16:49:10 GMT

GET
H2 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 5FFE 3 KB
1 KB 290ms
289ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

dcc84ca2069873bf863e0b36e587fd75731d689301e628c13156550f61689722

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 16:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1305
x-xss-protection: 0
server: cafe
etag: 12828169674928258300
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Feb 2023 16:50:43 GMT

GET
H2 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 5FFE 26 KB
10 KB 297ms
296ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

efddab676582e9560d4d953d48c4eee361a825a55875d47c654a496e7597a569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 16:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10201
x-xss-protection: 0
server: cafe
etag: 7565236516936161468
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Feb 2023 16:50:43 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5FFE 0
0 818ms
259ms Image
text/html 74.125.24.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRcZCis5hDwWx1s702yDA0EXCg_XJ1eYSNMK4yqbxsAgpJRowCL1OQhBBUKPfABqsYhjPWCTn2kXQwnRkh69c6GkkxGQw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2480754353&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=103.209.254.0&output=html&unviewed_position_start=1&url=https://www.ilovepdf.com/pdf_to_word&sub_client=bidder-785185&aceid=MDIZtAA9HLQAMNTmAEZbNAEOaDQBXoA0AUuCNAEjgzQBS4M0AVmDNAHUgzQB1YM0AfCDNAH0gzQB94M0Af6DNAH_gzQBAoQ0AQ6ENAEThDQBKIQ0ATmENAF6hDQBg4Q0AYSENAGIhDQBjYQ0AY6ENAGThDQBmIQ0AUtzQQFTc0EBfx5cAkofXAJiH1wCeUCqAidCqgIoQqoCEmiqAuqGqgLYjqoCgJuqAoGbqgKCm6oC_KaqAqKoqgJFvaoC29aqAlPZqgKM3aoCoOWqAtjxqgKi8qoC9PWqAmr4qgIK-6oCJvuqAkL7qgJ2_KoCIQirAsQMqwIeEKsCUBerAmIcqwIEHqsCnh6rAh8fqwKgIKsCWiGrAjwjqwINJqsCVCirAlwoqwLSKqsC-yurAugvqwJ-MKsCoTCrAs4wqwJ7MqsC_zOrAgI0qwJ7NKsCXjarAk43qwKhN6sC3DerAqw5qwK1OasCDTyrAiM8qwJwPasC9j6rAmZAqwKoQasC90GrAidCqwImRKsCnUSrAhdFqwISRqsCF0arAjxGqwKnR6sCv0mrAuBJqwKeSqsCI0yrAmRMqwI7TasCVk2rAqNNqwLvTasCKE6rArdPqwJ7UKsCE1GrAhVRqwKTUasC2VKrAvV0JAT6QtwJ0JP7Egmo-xI_sfsSIcX7EhXI-xJH3_sS-OX7Eu_t-xKd9PsSK_f7Eof3-xIPBPwSPgr8EkQK_BKTCvwS_Qr8Ej0L_BJFC_wSXQz8ErDwWShGGwdq&awbid_c=AKAmf-C5yULkZrBjq5cozT_dveb5sXZBwR5RnfHliV1q1LdU_UW9NIQJPykiYAUx68-pZ5oYw9uMjfW-AJ6A_ffQLpvB9w8Wz2iNE0-hk_BQmNlw9I0yNPQjp1R0jEMk2Vrz2y90XdL8OE7Z26Brn4DVL--2cN85YSTD1TV1ECZB7hIIpZGEP74&awbid_d=AKAmf-CipM_T5b3Ec_FtyWGSI-w6IwUSs-nE8kI1J2u8A1xWr7a3lWkHnZZ6MZ5B4hPCkYuCl1Cv4ZhFHK2YOpUHD2V13riN8Iperp8FyRMjrhhh9qpK29DVsCas_tOk2yyIeacQ2f_2q0T-iqMYhFxToIMxYJIc_BgLuPao2Pbgs0c5SAtIMipRYKQqn8_Bc3ZWmQ8UcpWvtMkPN1TuyfK2MA7YoP5MzhLhh32lxckR9vG9nlN_dFFoeW5nwD1nhz-z4ataIRz44H2fL9k2HKsOj3PJrC6k42pAJxSB4YzRi3sc-7rU5tp_Z2AQ-WfFNy3Q5GllhqL6khVrH83WTBQYgosE9NP-7mngKg-lhTHnQnwyRPmzHNjolx1e-yAO_J9LeWG6Qzmi6geypZLCPG1X_mfhEQUq0FLTZek_WPhSSaPriKOp0kQBdKj2Sg6xziMKfY1gfEOvEMMnBBG1B5VIi2YFflw57dvzwNu4WPAQNYIoPs8PgYdyB0mqi177dWquKCQoLXpOknxi7yyA0zCJEYIQhVAU6CYCrPwbRpqbU6NzldUAa6ypUxr1Gz_634eXEkd3KG3_yDPv0QkGcCkdfwUGkHlIp1yHmNwlr8a33JkDNwsZeAKZMgRL_29eFuteCBcyCs5LQv4gquEoxUQd-DUT2taATR-2lfgz5Lf7jLFupZ2G4KmeMDj4ej_qCmq2hhM30sJw6yFrZbpEbjfERL7BGSwWUQ&cid=CAQSGwDq26N9GcD_9cz1m2MkFhZuFE8URsmFgrBT0RgBIAo&exk=19681368&rfl=https%3A%2F%2Fwww.ilovepdf.com%2F&a_pr=13:Y83eMwAAAAD3dZSvQ3mJRvm8cAo0cGN2TKmgug
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f105.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5FFE 155 KB
47 KB 777ms
776ms Script
text/javascript 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 01:09:09 GMT

GET
H2 200 one_click_handler_one_afma.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 5FFE 48 KB
18 KB 325ms
324ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/one_click_handler_one_afma.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

8616f8840002a34cf977c03cf5b29172f48175eb8f76e075b36fa95ff178582d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 18:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18004
x-xss-protection: 0
server: cafe
etag: 7678535110439999026
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Feb 2023 18:05:39 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DFDC 143 B
166 B 230ms
222ms Document
text/html 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2480754353&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=103.209.254.0&output=html&unviewed_position_start=1&url=https://www.ilovepdf.com/pdf_to_word&sub_client=bidder-785185&aceid=MDIZtAA9HLQAMNTmAEZbNAEOaDQBXoA0AUuCNAEjgzQBS4M0AVmDNAHUgzQB1YM0AfCDNAH0gzQB94M0Af6DNAH_gzQBAoQ0AQ6ENAEThDQBKIQ0ATmENAF6hDQBg4Q0AYSENAGIhDQBjYQ0AY6ENAGThDQBmIQ0AUtzQQFTc0EBfx5cAkofXAJiH1wCeUCqAidCqgIoQqoCEmiqAuqGqgLYjqoCgJuqAoGbqgKCm6oC_KaqAqKoqgJFvaoC29aqAlPZqgKM3aoCoOWqAtjxqgKi8qoC9PWqAmr4qgIK-6oCJvuqAkL7qgJ2_KoCIQirAsQMqwIeEKsCUBerAmIcqwIEHqsCnh6rAh8fqwKgIKsCWiGrAjwjqwINJqsCVCirAlwoqwLSKqsC-yurAugvqwJ-MKsCoTCrAs4wqwJ7MqsC_zOrAgI0qwJ7NKsCXjarAk43qwKhN6sC3DerAqw5qwK1OasCDTyrAiM8qwJwPasC9j6rAmZAqwKoQasC90GrAidCqwImRKsCnUSrAhdFqwISRqsCF0arAjxGqwKnR6sCv0mrAuBJqwKeSqsCI0yrAmRMqwI7TasCVk2rAqNNqwLvTasCKE6rArdPqwJ7UKsCE1GrAhVRqwKTUasC2VKrAvV0JAT6QtwJ0JP7Egmo-xI_sfsSIcX7EhXI-xJH3_sS-OX7Eu_t-xKd9PsSK_f7Eof3-xIPBPwSPgr8EkQK_BKTCvwS_Qr8Ej0L_BJFC_wSXQz8ErDwWShGGwdq&awbid_c=AKAmf-C5yULkZrBjq5cozT_dveb5sXZBwR5RnfHliV1q1LdU_UW9NIQJPykiYAUx68-pZ5oYw9uMjfW-AJ6A_ffQLpvB9w8Wz2iNE0-hk_BQmNlw9I0yNPQjp1R0jEMk2Vrz2y90XdL8OE7Z26Brn4DVL--2cN85YSTD1TV1ECZB7hIIpZGEP74&awbid_d=AKAmf-CipM_T5b3Ec_FtyWGSI-w6IwUSs-nE8kI1J2u8A1xWr7a3lWkHnZZ6MZ5B4hPCkYuCl1Cv4ZhFHK2YOpUHD2V13riN8Iperp8FyRMjrhhh9qpK29DVsCas_tOk2yyIeacQ2f_2q0T-iqMYhFxToIMxYJIc_BgLuPao2Pbgs0c5SAtIMipRYKQqn8_Bc3ZWmQ8UcpWvtMkPN1TuyfK2MA7YoP5MzhLhh32lxckR9vG9nlN_dFFoeW5nwD1nhz-z4ataIRz44H2fL9k2HKsOj3PJrC6k42pAJxSB4YzRi3sc-7rU5tp_Z2AQ-WfFNy3Q5GllhqL6khVrH83WTBQYgosE9NP-7mngKg-lhTHnQnwyRPmzHNjolx1e-yAO_J9LeWG6Qzmi6geypZLCPG1X_mfhEQUq0FLTZek_WPhSSaPriKOp0kQBdKj2Sg6xziMKfY1gfEOvEMMnBBG1B5VIi2YFflw57dvzwNu4WPAQNYIoPs8PgYdyB0mqi177dWquKCQoLXpOknxi7yyA0zCJEYIQhVAU6CYCrPwbRpqbU6NzldUAa6ypUxr1Gz_634eXEkd3KG3_yDPv0QkGcCkdfwUGkHlIp1yHmNwlr8a33JkDNwsZeAKZMgRL_29eFuteCBcyCs5LQv4gquEoxUQd-DUT2taATR-2lfgz5Lf7jLFupZ2G4KmeMDj4ej_qCmq2hhM30sJw6yFrZbpEbjfERL7BGSwWUQ&cid=CAQSGwDq26N9GcD_9cz1m2MkFhZuFE8URsmFgrBT0RgBIAo&exk=19681368&rfl=https%3A%2F%2Fwww.ilovepdf.com%2F&a_pr=13:Y83eMwAAAAD3dZSvQ3mJRvm8cAo0cGN2TKmgug
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 00:57:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5FFE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c329baca2dbe4d3b0e7c03875f7d8db94b76ccacad87db6578742dc87116551b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6746
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=dc3c43dd-91a5-7915-ee27-f450303ad654&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=dc3c43dd-91a5-7915-ee27-f450303ad654&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e12d9056-0d04-4f11-b14f-40251b0565de&ttd_puid=dc3c43dd-91a5-7915-ee27-f450303ad654&gdpr=0&gdpr_consent=

43 B
323 B

175ms
174ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=e12d9056-0d04-4f11-b14f-40251b0565de&ttd_puid=dc3c43dd-91a5-7915-ee27-f450303ad654&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:09:10 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:09:10 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=e12d9056-0d04-4f11-b14f-40251b0565de&ttd_puid=dc3c43dd-91a5-7915-ee27-f450303ad654&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 6746
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y83eNsCo5sIAAGuS1BcAAAAA

43 B
106 B

177ms
176ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y83eNsCo5sIAAGuS1BcAAAAA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:09:10 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Mon, 23 Jan 2023 01:09:10 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"103.209.254.23","key":"Y83eNsCo5sIAAGuS1BcAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad447"}
X-SO-Key: Y83eNsCo5sIAAGuS1BcAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad447
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y83eNsCo5sIAAGuS1BcAAAAA
Cache-Control: private
X-SO-HostName: m-ad447.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 0
X-SO-LB-Hostname: a-tgng40004.dc2p.scaleout.jp
X-SO-IP: 103.209.254.23

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 6746
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZLUqGw6tR3dks8ADzHow2Aplc8AAAGF3CwFvw

43 B
106 B

178ms
176ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZLUqGw6tR3dks8ADzHow2Aplc8AAAGF3CwFvw
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:09:10 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:09:10 GMT
via: 1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: SIN2-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZLUqGw6tR3dks8ADzHow2Aplc8AAAGF3CwFvw
cache-control: no-cache
content-length: 0
x-amz-cf-id: TO0Yv0YGgQt174zvxFBN7hQ6YkUwh5w2_OkjMPXexnhpODV-xmZo0Q==
expires: -1

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 6746 170 B
243 B 831ms
225ms Image
image/png 142.251.10.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjA1MzkwMTctNThkMi0yN2IxLWZiYzctYWVlOWZhZDgxODM0

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:09:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6746
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIcsvrMnM_rlIwnjk_fLx5M&google_cver=1

43 B
106 B

183ms
180ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIcsvrMnM_rlIwnjk_fLx5M&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:09:10 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:09:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIcsvrMnM_rlIwnjk_fLx5M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame E388
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y83eNfPc7Lm1s5_T4XvnYAAAFNkAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y83eNfPc7Lm1s5_T4XvnYAAAFNkAAAIB&dcc=t

43 B
855 B

314ms
313ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y83eNfPc7Lm1s5_T4XvnYAAAFNkAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=198292&us_privacy=&gdpr_consent=&gdpr=0&C=1

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Jan 2023 01:09:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AYAWB51B6B2T18AFVQS5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 Jan 2023 01:09:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AWZGM2BEFZDPVB4G974Y
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y83eNfPc7Lm1s5_T4XvnYAAAFNkAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame E388
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y83eNfPc7Lm1s5_T4XvnYAAAFNkAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBwnI5KU00SC2qzBveNQI6E&google_cver=1

43 B
786 B

294ms
291ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBwnI5KU00SC2qzBveNQI6E&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=198292&us_privacy=&gdpr_consent=&gdpr=0&C=1
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:09:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXOtLK2vPxfaXKWwRbHfORrRhJCWiRthC5t3GgJJiIqQNIZ0rm4QiHdF7Ssar6AJSvPVpPNQWBBi8dGhWGKPaNnvpwxsEEh95%2F842TuSdE%2Bs%2BfJIalRC46S1oFqg0qvGUn13YDcsaeMv9A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 78dca476bc5e29ba-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:09:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBwnI5KU00SC2qzBveNQI6E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E388
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y83eNfPc7Lm1s5-T4XvnYAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAS-_210vVPH2P8Jcukk6i0&google_cver=1

43 B
632 B

280ms
280ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAS-_210vVPH2P8Jcukk6i0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=198292&us_privacy=&gdpr_consent=&gdpr=0&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Jan 2023 01:09:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:09:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAS-_210vVPH2P8Jcukk6i0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E388
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://match.adsrvr.org/track/cmb/casale?
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e12d9056-0d04-4f11-b14f-40251b0565de&expiration=1677028150&gdpr=0&gdpr_consent=

43 B
632 B

706ms
280ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e12d9056-0d04-4f11-b14f-40251b0565de&expiration=1677028150&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=198292&us_privacy=&gdpr_consent=&gdpr=0&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Jan 2023 01:09:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:09:10 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e12d9056-0d04-4f11-b14f-40251b0565de&expiration=1677028150&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E388
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y83eNgABca9lmwBB
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y83eNgABca9lmwBB&_test=Y83eNgABca9lmwBB

43 B
632 B

302ms
297ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y83eNgABca9lmwBB&_test=Y83eNgABca9lmwBB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=198292&us_privacy=&gdpr_consent=&gdpr=0&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Jan 2023 01:09:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

x-served-by: cache-fty21342-FTY
pragma: no-cache
date: Mon, 23 Jan 2023 01:09:11 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1674436151.999929,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y83eNgABca9lmwBB&_test=Y83eNgABca9lmwBB
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

crum
dsum.casalemedia.com/ Frame E388
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=5171746f-5158-d6f1-5d75add9

43 B
785 B

485ms
299ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=5171746f-5158-d6f1-5d75add9
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=198292&us_privacy=&gdpr_consent=&gdpr=0&C=1
Protocol: H2
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:09:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixsjZBsY%2B5FUOyIcA16Kcit8BgWkBmIpMLOD6dbsjEUXpBd6LoPmiGDkf4zpgY4KfX%2FBqpCEcowmC%2B%2FynnrOoTi%2FbbdYNIhtC3uKzLqmEh3DkkibXq17w8gjqzgpqRSM%2Bn9f9%2BWK"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 78dca4758d59fe9d-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Mon, 23 Jan 2023 01:09:10 GMT
via: 1.1 google
server: nginx/1.22.1
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=5171746f-5158-d6f1-5d75add9
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E388
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D

43 B
632 B

297ms
297ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=198292&us_privacy=&gdpr_consent=&gdpr=0&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Jan 2023 01:09:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
date: Mon, 23 Jan 2023 01:09:10 GMT
access-control-allow-credentials: true
x-powered-by: Express
keep-alive: timeout=5
vary: Origin
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E388
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dmsJzSQ9WZ9tblqYd2BHmyM9W59tPFmQcDmfpebT

43 B
632 B

656ms
280ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dmsJzSQ9WZ9tblqYd2BHmyM9W59tPFmQcDmfpebT
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=198292&us_privacy=&gdpr_consent=&gdpr=0&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Jan 2023 01:09:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:09:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dmsJzSQ9WZ9tblqYd2BHmyM9W59tPFmQcDmfpebT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 htw-pixel.gif
js-sec.indexww.com/ht/ Frame E388 43 B
352 B 308ms
92ms Image
image/gif 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?Y83eNfPc7Lm1s5_T4XvnYAAAFNkAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=198292&us_privacy=&gdpr_consent=&gdpr=0&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:09:10 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 198
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 78dca472ddc8299f-MEL
content-length: 43
expires: Mon, 23 Jan 2023 05:09:10 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 83DE 439 B
558 B 291ms
291ms Fetch
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ilovepdf.com&sn=ChromeSyncframe&so=0&topUrl=www.ilovepdf.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ilovepdf.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d9537cf8f14ec952d60c078cc6df1900db3f29e9451b02be007f210669684d13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ilovepdf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:09:09 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3117215
expires: 0

GET
H2 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame 31C8 36 KB
16 KB 217ms
217ms Script
text/javascript 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 03:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 03:35:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DFDC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

229ms
223ms

Document
text/html

142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 01:09:10 GMT
expires: Mon, 23 Jan 2023 01:09:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 01:09:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E559 0
0 219ms
219ms Image
text/html 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011201&jk=3351966501259750&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: si-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame C7B6 36 KB
16 KB 219ms
219ms Script
text/javascript 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 03:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 03:35:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 223ms
222ms Image
text/html 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011201&jk=3351966501259750&bg=!WFulWx_NAAYDMoyoIzI7ACkAdvg8Wvmw7w2SM2eAiYMeWbvR6otQadlmpg4PLKOvCQOLzqm5b5vpmAIAAABzUgAAAAJoAQcKADzvM0AjyM5oja_mv7lDDdEMPSrreayLYFCMESkH4gzEH_OAItOnAeKz8uFniiTnMBCoUr4EsDYRQBK0xYuZAqvfkxbeiZQvCvHlXI3f0M5kUaEv9P_0i-tUv1nyZ_JIrrBEwsEh0_YZ1LzgEzg0I4apRl25uM7g9IBvEv1Bq--SjAajzUhM81i7ihAobF8-lV3KSohy0Q1IUy1STSTlfjryPeH7TenlZrcQFSNFR2rLRurstJDnbSCGh1y5XPdaRpNVtZ8AL9LS3lKfhjbJqp0fdl_ed7ZOBcc9BwYcvscYaBPHzU9mzwp4yZD6KKXLJ55BNpkNUaRJ-b2-yOKXyoamXYXgvbHPpfJGEKCnRVRiBfB_8LkzWWl8FQtWhP1zAUFPlsuQjeTGHz4trEk9CzawHTUuZ-h0V4DQjYIg45tQ_oEFOJXHsjrC4xkJvNHHUNIPE_Ps2I6ByaE70ngTyB6hu7ZvtG4nEFB1uyDlFs3CZIaviImFR0467z0UyqJ3D1Jhy9T4_4dQGygiIqCpq5YrKOoolDcr5YrLFpxUaovaPrh6EVxQhXLl76sK5rmy_c_tSoWq4Lq8clNXtMz_fe5DhdplwmF_JgeUMpCEuFxHngJ-wPKYbHLw-xdexsQWobEG3JXaV8vxHAV5zHXANGjS6A6pvbgKGK1eAMF92dxLQCO4TMgAuxRuxIvZ5PhVi6CTkYfUPvlfGcUvfbjpd64ufSE007pJziX1fvvtB8l0CEuFn_tgLNg2finWb8TbG2nI5qVrUXgxjIL5YgGQHaleE4kwoR_3vEbc5Yzbw2WaeB5_t2p7CE7CJLkAYAKQjWHN8Co3RNbg4IPOdEYSXmOtgc8UUCuvPXi23a9LfBytTbV8P0U0RiQzrKZvDZk_J7-Qxt_yi69lwLSFXO0opotXUUUObRLT4YZT44huqdSkqPidc1gv76Nw440Te2FJ6u_-BQg3DDWn1YkNygCzod4_rlEnw_cYUNL0wg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: si-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ilovepdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EAAC 42 B
174 B 221ms
220ms Fetch
image/gif 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXYAhrOuNNxqJ6dShWQ2c9ejcksCmLqXLYeTXmaT4-HEwjoU3LsuWgbw1ikDlbhFGDG27jQbFk380QwDSKbt1B1WDU&sig=Cg0ArKJSzCiCqSd2YDEoEAE&id=lidar2&mcvt=1000&p=1034,436,1124,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2782930585&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674436148205&rpt=1977&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:09:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5FFE 42 B
108 B 229ms
229ms Fetch
image/gif 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcTXf60mkyqiqs49MdhF-NWFP4w70Um52bz4qcZX9pjLtCNbIqN1JTePkabe1RGdL-8ZUM9t0ne4iC-knHXvLomdI6ZBVeB2FKZ13yiVJ1KKgJNBzQq93O7LWiD9AOyisTuQs&sai=AMfl-YQIIYsuBIWNRDcN35dZuz0l2uNvsZOV0uyIKFQuNQ0TQEHaDhqFzthjfDQipNtL35FLwaXIYCrSgVVWaQlk_5xkvUVeVq-ZgKcvkQ&sig=Cg0ArKJSzPqBh_Pl8yFdEAE&cid=CAQSKQDq26N9zbbb-AEhO83NjrfhDNK_n6HBKeAiycLUAg_IEo8DSPvq4V-xGAEgCg&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2480754353&rs=5&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674436148461&rpt=1873&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 01:09:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ilovepdf.com/	1969-12-31 23:59:59	Name: last_page Value: d0d871453a5f7fd9dce313869139fc1282c838bb23ed01132b06aa39f1d596b4a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22last_page%22%3Bi%3A1%3BN%3B%7D
www.ilovepdf.com/	1969-12-31 23:59:59	Name: page Value: 2f34b94ddffda182753dd4b5b77b17f8d9f73a073697cbe1c257b3d40766c2b0a%3A2%3A%7Bi%3A0%3Bs%3A4%3A%22page%22%3Bi%3A1%3Bs%3A12%3A%22tool%2Fpdfword%22%3B%7D
www.ilovepdf.com/	1969-12-31 23:59:59	Name: _csrf-ilovepdf Value: 6bdf9f540b1da20697b2dd780d1d6c3feb7f168af1957b3251598f594f8fc8c2a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-ilovepdf%22%3Bi%3A1%3Bs%3A32%3A%22fTwnSTofitr9qi-odftyMxYdPlP7c3nA%22%3B%7D
www.ilovepdf.com/	1970-01-20 18:43:16	Name: hcookie Value: 1
www.ilovepdf.com/	1969-12-31 23:59:59	Name: lastTool Value: pdfoffice
.ilovepdf.com/	1970-01-20 18:43:16	Name: _ga Value: GA1.2.10466660.1674436147
.ilovepdf.com/	1970-01-20 09:08:42	Name: _gid Value: GA1.2.1499164948.1674436147
.ilovepdf.com/	1970-01-20 09:07:16	Name: _gat Value: 1
.ilovepdf.com/	1970-01-20 18:28:52	Name: __gads Value: ID=f920879d6ffca317:T=1674436147:S=ALNI_MZDAny-Nw21oY6rwz4bH1Wa9buZEQ
.ilovepdf.com/	1970-01-20 18:28:52	Name: __gpi Value: UID=00000baaf64c738b:T=1674436147:RT=1674436147:S=ALNI_MZRfLogQTNBCykSEHwG-MgXbDzpFQ
.openx.net/	1970-01-20 17:52:52	Name: i Value: 0f907c84-3822-46e2-b4f1-3cb8541de5a9\|1674436148
.doubleclick.net/	1970-01-20 18:43:16	Name: IDE Value: AHWqTUmxFbPmlizCuK9OqqfJ6YaqIq6Qmcent-2detwV1OEDFokLm-N2QTpi__vxpio
.casalemedia.com/	1970-01-20 17:52:52	Name: CMID Value: Y83eNfPc7Lm1s5-T4XvnYAAA
.casalemedia.com/	1970-01-20 11:16:52	Name: CMPS Value: 5337
.casalemedia.com/	1970-01-20 11:16:52	Name: CMPRO Value: 5337
.openx.net/	1970-01-20 09:28:52	Name: pd Value: v2\|1674436149\|jElYiuvOhI
.criteo.com/	1970-01-20 18:28:52	Name: uid Value: 5570e7f8-1f53-40a8-b64e-7fae0d4517ab
.adsrvr.org/	1970-01-20 17:52:52	Name: TDID Value: e12d9056-0d04-4f11-b14f-40251b0565de
.ilovepdf.com/	1970-01-20 18:28:52	Name: cto_bundle Value: 0RPYk19pMSUyQlVxb21IVVcwa0VPRjdqSEZ3NHZVbHJPazR1UEFJV0JIRE9Pa21zWmxqa08lMkZIWHBOODV3OEtoSlo4JTJCWnA0aU9Rc2tsJTJCJTJCZEMzTVMyb0t1bDQ3S0V6TFhnSDVwVDVIM3VYSEJ4Z1E3NUNrSzdHV0g1OG5oT25manNnSSUyRkdibk4xS21GdTBMNzdVS0YlMkJkQUNIRkN6USUzRCUzRA
.adsrvr.org/	1970-01-20 17:52:52	Name: TDCPM Value: CAESFQoGY2FzYWxlEgsI_Nfn9Y66vjsQBRgFIAEoAjILCKzi6KGlur47EAU4AQ..
.brand-display.com/	1970-01-20 18:43:16	Name: _knxq_ Value: 5171746f-5158-d6f1-5d75add9.1674436150.0.1674436150.1674436150
.quantserve.com/	1970-01-20 11:16:52	Name: d Value: EFwBDQGPKLjvsQA
.quantserve.com/	1970-01-20 18:37:30	Name: mc Value: 63cdde36-60178-2ce16-d390a
.openx.net/	1970-01-20 09:28:52	Name: univ_id Value: 537072971\|e12d9056-0d04-4f11-b14f-40251b0565de\|1674436150429168
.socdm.com/	1970-01-20 18:43:16	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNjc0NDM2MTUwfQ
.ladsp.com/	1970-01-20 09:07:19	Name: cr Value: 1
.doubleclick.net/	1970-01-20 09:07:19	Name: DSID Value: NO_DATA
.everesttech.net/	1970-01-20 17:52:52	Name: everest_g_v2 Value: g_surferid~Y83eNgABca9lmwBB
.ladsp.com/	1970-01-20 18:43:16	Name: smn_uid Value: hSVcADcISrm-odIhSJ4FTw8x6MNgKZU
.ladsp.com/	1970-01-20 18:43:16	Name: lum Value: CL-LsOHdMBIFCAMQ0AU
.adotmob.com/	1970-01-20 18:36:04	Name: uid Value: 08a5220400d38b24d2c6dfe0
.adotmob.com/	1970-01-20 18:36:04	Name: uuid Value: 08a5220400d38b24d2c6dfe0
.adotmob.com/	1970-01-20 18:36:04	Name: partners Value: IX%3A1674436150771
.amazon-adsystem.com/	1970-01-20 15:08:42	Name: ad-id Value: A3BDvLP_5kn5jHfQog9mwuw
.amazon-adsystem.com/	1970-01-20 18:43:16	Name: ad-privacy Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

131c5382e78fd57e834fbc9ca48c0814.safeframe.googlesyndication.com
a5345.casalemedia.com
adservice.google.com
adservice.google.com.au
cm.g.doubleclick.net
cms.quantserve.com
cr-p3.ladsp.com
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
evt.ilovepdf.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adotmob.com
tg.socdm.com
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagservices.com
www.ilovepdf.com
103.229.10.171
104.18.33.19
104.20.0.94
104.20.1.94
13.33.88.71
139.5.84.243
142.250.4.139
142.250.4.157
142.251.10.132
142.251.10.155
142.251.12.155
151.101.194.49
172.217.194.154
172.217.194.157
172.253.118.132
172.64.151.162
172.64.154.237
182.161.73.129
185.183.112.148
202.241.208.54
23.90.68.36
3.33.220.150
34.102.146.192
34.111.151.213
34.120.107.143
34.98.64.218
52.46.155.104
74.119.119.139
74.125.24.105
74.125.24.156
74.125.24.157
01e8c8071d1877ad49ef32df902e016a892973c13b3091002ad1e4a38dfab4da
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c72bfb31597b5195f40715c70ac37cfa218529813aa56abfeac4e1c2b721e5a
0c88f92c742e5e19a5538c43a63b4c766fb984bd2427cea8ca42d1331b2104b2
16e2be2ff28a658af23b62e6a0c48e2a5bb8d3cf3910c7fad907842b7f0f96fe
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
20adaaa0b333d54aa1a45bec0865c90afcef898b4d172182144813d3eaa30095
2154b34bc0f6a1eb89ee530e36dfe7ed28abec06fa931e1838a00ea8bb2ee7db
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
304e438d00d7b9be776758eba9044fb81a903f1745d59290cc68e0a82f31fdbe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4695e4ab56d7ba87493bfa5cb4764b58f1a7443d1d0ab7e27c79603097f7c2fa
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5acb6bfb13d8aa6e8433b58c8ee60164ca1946736ef8236e346adf5e240f6247
612e6dcb0d737bda0dd56b14b1db75f482e37a53029a86615b047930a68fc1d5
61597725c192a8199ae5d91ab3993daa54f29c520579660d4e66c8a954d17d3b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
737b242477a1f9ef3365b446cf627795378fa5244402c67727bbfb81a8a99ddb
82e45cc17575a7f33748290a95d494ce77936d2127b00ca936d0f74979297585
8616f8840002a34cf977c03cf5b29172f48175eb8f76e075b36fa95ff178582d
892a16ba16b558331f184f4e49e57e58ec45c16dff8a5a353b5c8c9643d19d66
94e218741d51b285092dce691354dda2355f0c7ed1121588a480fd7717c0c105
98cd8cd3dcfe89d4cf8b98107324d92e17738834eca23d0e24fa0cb89e7501cc
9be39fb80c8b843560c1e95a82311c01c0e71c1f23a99815db73fbb3e502c229
9c97ed79dd62bd1a56e24bdb59757bbe86b7ba70cb1a89cdfa66fb26238763e5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67cce83f00b235fcf5bbdfd05f68fef4d4c1e464969b480a4272dd3cd3afae7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b607b6a11833586686e1e6a5ed76fb75e35297d26271b8bd447f4c62176b1371
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c329baca2dbe4d3b0e7c03875f7d8db94b76ccacad87db6578742dc87116551b
cbeaba9fbcc1297735946d95f4d571102722a6064abb2e95ed5fd45261812033
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100
d4b77c25f261a2d6179306d7b55d96966e3a242cb60038ae9599d7535f8c0e1b
d9537cf8f14ec952d60c078cc6df1900db3f29e9451b02be007f210669684d13
dbe016c986a7e9db828e3efca070e090a2a7867dbbb45f957c217aa45aed62d0
dca631a2f5486bea05bbf285295db91c8d062d36764ef1d567e6b3d8459d43b1
dcc84ca2069873bf863e0b36e587fd75731d689301e628c13156550f61689722
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e472907fe467d7c983c37e707818cef2aa417a0bff42566cd98d0e5796d8b2c3
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
ee9517018ef837e4ebd9b5137865b51f1f76a83b44ac4cac1ab2a425996f6dcc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efddab676582e9560d4d953d48c4eee361a825a55875d47c654a496e7597a569
f7aba69a57f92693834494997b6c38c00a52c8346c122c3628bd854e9bc7ad90
fcc3b40f932b64236abd737a804559ca4d9c8fdabed192b2d96c5b65374fb9a7
ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299

www.ilovepdf.com Open in urlscan Pro 104.20.1.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

76 Requests

83 %HTTPS

0 %IPv6

21 Domains

34 Subdomains

25 IPs

7 Countries

996 kBTransfer

2881 kBSize

35 Cookies

8 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ilovepdf.com Open in urlscan Pro
104.20.1.94 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

83 %
HTTPS

0 %
IPv6

21
Domains

34
Subdomains

25
IPs

7
Countries

996 kB
Transfer

2881 kB
Size

35
Cookies

76 HTTP transactions
4 data transactions