URL: https://www.pdfindir.net/
Submission: On January 10 via manual from TR — Scanned from IT

Summary

This website contacted 23 IPs in 6 countries across 23 domains to perform 188 HTTP transactions. The main IP is 2606:4700:3033::ac43:aa28, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pdfindir.net.
TLS certificate: Issued by R3 on December 26th 2021. Valid for: 3 months.
This is the only time www.pdfindir.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 2606:4700:303... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
31 142.250.185.162 15169 (GOOGLE)
1 2a00:1450:401... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 31 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 5 2620:116:800d... 16509 (AMAZON-02)
3 3 52.213.167.106 16509 (AMAZON-02)
5 5 104.111.215.191 16625 (AKAMAI-AS)
4 35.186.253.211 15169 (GOOGLE)
6 6 185.64.190.78 62713 (AS-PUBMATIC)
5 5 69.173.144.138 26667 (RUBICONPR...)
9 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 5 18.192.164.101 16509 (AMAZON-02)
3 3 34.252.163.210 16509 (AMAZON-02)
3 2600:9000:223... 16509 (AMAZON-02)
2 2 35.244.174.68 15169 (GOOGLE)
2 2 217.182.200.29 16276 (OVH)
1 1 18.196.159.27 16509 (AMAZON-02)
188 23
Apex Domain
Subdomains
Transfer
55 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
cm.g.doubleclick.net — Cisco Umbrella Rank: 169
251 KB
46 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
tpc.googlesyndication.com — Cisco Umbrella Rank: 127
660 KB
25 gstatic.com
www.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn0.gstatic.com
fonts.gstatic.com
445 KB
17 pdfindir.net
www.pdfindir.net
251 KB
11 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
9 KB
9 google.com
adservice.google.com — Cisco Umbrella Rank: 69
www.google.com — Cisco Umbrella Rank: 8
1 KB
6 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 553
static.adsafeprotected.com — Cisco Umbrella Rank: 526
2 KB
6 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 531
3 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 151
221 KB
5 myvisualiq.net
t.myvisualiq.net — Cisco Umbrella Rank: 1098
2 KB
5 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 270
2 KB
5 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1536
4 KB
5 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 956
2 KB
4 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1154
543 B
3 googleusercontent.com
lh4.googleusercontent.com — Cisco Umbrella Rank: 410
284 KB
3 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 2577
1 KB
2 gemius.pl
googlecm.hit.gemius.pl — Cisco Umbrella Rank: 6710
503 B
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 656
886 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
20 KB
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 466
760 B
1 google.it
adservice.google.it — Cisco Umbrella Rank: 45788
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 745
645 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
36 KB
188 23
Domain Requested by
31 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
30 cm.g.doubleclick.net googleads.g.doubleclick.net
www.pdfindir.net
24 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
17 www.pdfindir.net www.pdfindir.net
15 pagead2.googlesyndication.com www.pdfindir.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
11 fonts.googleapis.com googleads.g.doubleclick.net
9 fonts.gstatic.com fonts.googleapis.com
8 www.google.com 4 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
6 image6.pubmatic.com 6 redirects
6 www.googletagservices.com googleads.g.doubleclick.net
5 t.myvisualiq.net 2 redirects googleads.g.doubleclick.net
5 pixel.rubiconproject.com 5 redirects
5 e.dlx.addthis.com 5 redirects
5 cms.quantserve.com 4 redirects googleads.g.doubleclick.net
4 rtb.openx.net googleads.g.doubleclick.net
4 encrypted-tbn3.gstatic.com googleads.g.doubleclick.net
4 www.gstatic.com googleads.g.doubleclick.net
3 static.adsafeprotected.com www.pdfindir.net
googleads.g.doubleclick.net
3 pixel.adsafeprotected.com 3 redirects
3 lh4.googleusercontent.com googleads.g.doubleclick.net
3 pixel.everesttech.net 3 redirects
3 encrypted-tbn0.gstatic.com googleads.g.doubleclick.net
3 encrypted-tbn2.gstatic.com googleads.g.doubleclick.net
2 googlecm.hit.gemius.pl 2 redirects
2 id.rlcdn.com 2 redirects
2 encrypted-tbn1.gstatic.com googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 d.agkn.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.it pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com www.pdfindir.net
188 33
Subject Issuer Validity Valid
*.pdfindir.net
R3
2021-12-26 -
2022-03-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.google.it
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
www.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.googleusercontent.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.myvisualiq.net
Go Daddy Secure Certificate Authority - G2
2021-12-12 -
2023-01-13
a year crt.sh

This page contains 24 frames:

Primary Page: https://www.pdfindir.net/
Frame ID: 5A3696CA36B85011C811EEEF9518000F
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/zrt_lookup.html
Frame ID: 459D329C0B56DFF029077558C4341198
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&adk=1812271804&adf=3025194257&lmt=1641807152&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.pdfindir.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826457547&bpp=2&bdt=181&idt=150&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4841822094056&frm=20&pv=2&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=162
Frame ID: 6DE6A602FE319BF3EEE5094D2D995D26
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
Frame ID: 0F2ED6342B39E0704399D79C3160E1D9
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
Frame ID: A8D61498684CF5D61E20EB312783B4B4
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15
Frame ID: 85F5A8DD03B01254549B27FCD22C9374
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
Frame ID: 6030532903923D6569C29AE2D2230D58
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Frame ID: 5ABA62B1F953538032FDF74A54B80B42
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4E36E21345639050530C3FCB39EB8D30
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1B353AF9A3ADE22C21A5D1736A851EFC
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
Frame ID: FB3C5ED9DE2C674638D70E6786EB7055
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F3821E9FB2AB7C7801E4740A8F91DBA6
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C316F632BAE134F36782A7C78527DC25
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7C395A476C202FDB54F112C1D6FA4FB8
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EAC7C5CAC2EE3D83ACDC171E207B8DDF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2015A30903232209D21019055ED8A4D6
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 79E33FD025089FD16B3E733BEB95F641
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AF52072027EEF496ECC5718D9530992A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
Frame ID: 3A996ED3A8B4D809A953011A5E638F7E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
Frame ID: 11BCDD7B379882EA78D6FA4167FFE486
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8349A803B259086826F5B86CE4CB39B2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3579C478FBE65C0204043205B8476F6F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0C8658CCA58053AE844951A8ABAAE3B5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B707843891839B64DC560D0C4CC3B575
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

PDF İndir - Pdf Kitap İndir Türkiye'nin Dev PDF İndirme Arşivi

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • <link[^>]+s\d+\.wp\.com
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

188
Requests

81 %
HTTPS

63 %
IPv6

23
Domains

33
Subdomains

23
IPs

6
Countries

2183 kB
Transfer

4339 kB
Size

30
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC_vZnY6gEQgBkYoAYyCHLdaSbdksHw HTTP 301
  • https://tpc.googlesyndication.com/simgad/4110287300117681572
Request Chain 94
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKFrLk4UJGaIKTkwhYTMkQ0f0qLQc3GijuV5hT0vot5dCaLeHJMJmSJiTOG6nTAy2D0vuELkTCVfTXxO078Iuv-pW-awKtI&google_gid=CAESEAtbjZ1K1Z4Q5xPeengdv5c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWR4SW13QUFCU1o3TlV2YQ&google_push=AYg5qPKFrLk4UJGaIKTkwhYTMkQ0f0qLQc3GijuV5hT0vot5dCaLeHJMJmSJiTOG6nTAy2D0vuELkTCVfTXxO078Iuv-pW-awKtI
Request Chain 95
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIDMpIUX8uBqJiWlZpNfBLhKP0bwwswP0TiSBhiEWu8qaa-sABQ1DE09aGKkYm99YNo5AIZJYHassg7WFDZYkgLbLgM9us&google_gid=CAESELA3pH4wmDXNUpu88DxQ-SQ&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIDMpIUX8uBqJiWlZpNfBLhKP0bwwswP0TiSBhiEWu8qaa-sABQ1DE09aGKkYm99YNo5AIZJYHassg7WFDZYkgLbLgM9us&google_gid=CAESELA3pH4wmDXNUpu88DxQ-SQ&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMTAxNDU0MTkwMDAxMTE5Njg4MzE4OQ%3D%3D&google_push=AYg5qPIDMpIUX8uBqJiWlZpNfBLhKP0bwwswP0TiSBhiEWu8qaa-sABQ1DE09aGKkYm99YNo5AIZJYHassg7WFDZYkgLbLgM9us
Request Chain 97
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFbdbuGVx7RSs-loUgmDtYg&google_cver=1&google_push=AYg5qPITzRC7grbWDg13i-luu9iwHcBpgchAQECUS8WKSzihYvOdg7m6BiFVCpw5v69D6w2-9J6PfGtIA3s8mxhCe4mD7UzQ_2cB HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFbdbuGVx7RSs-loUgmDtYg&google_cver=1&google_push=AYg5qPITzRC7grbWDg13i-luu9iwHcBpgchAQECUS8WKSzihYvOdg7m6BiFVCpw5v69D6w2-9J6PfGtIA3s8mxhCe4mD7UzQ_2cB&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPITzRC7grbWDg13i-luu9iwHcBpgchAQECUS8WKSzihYvOdg7m6BiFVCpw5v69D6w2-9J6PfGtIA3s8mxhCe4mD7UzQ_2cB
Request Chain 98
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELwzEdwv3bhaG7WVi62Nh00&google_cver=1&google_push=AYg5qPLAI9TWSmjA0cx7NlhQd_wVHJXkYaHtjljjV6vRX0ekDUOi0QKGTx895ZOVw7DLX0p7jfrm7J6uJAkAY7alXwwBisIOigU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaSVgtSi1BTjRW&google_push=AYg5qPLAI9TWSmjA0cx7NlhQd_wVHJXkYaHtjljjV6vRX0ekDUOi0QKGTx895ZOVw7DLX0p7jfrm7J6uJAkAY7alXwwBisIOigU
Request Chain 99
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ
Request Chain 110
  • https://t.myvisualiq.net/impression_pixel?r=1641826458267620&et=i&ago=212&ao=693&aca=26946955&si=6324608&ci=138945304&pi=323527181&ad=515887848&advt=8122568&chnl=-7&vndr=115&sz=9973&u=$$17420933_15780589130_400469263$$&pt=i HTTP 302
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=1641826458267620&et=i&ago=212&ao=693&aca=26946955&si=6324608&ci=138945304&pi=323527181&ad=515887848&advt=8122568&chnl=-7&vndr=115&sz=9973&u=$$17420933_15780589130_400469263$$&pt=i
Request Chain 111
  • https://pixel.adsafeprotected.com/rfw/st/903156/59280833/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=17420933&ias_pubId=pub-9579245082538784&ias_chanId=1&ias_placementId=15780589130&bidurl=https://www.pdfindir.net/&ias_dealId= HTTP 302
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 122
  • https://t.myvisualiq.net/impression_pixel?r=1641826458246974&et=i&ago=212&ao=693&aca=26946955&si=6324608&ci=138945304&pi=323527181&ad=515887848&advt=8122568&chnl=-7&vndr=115&sz=9973&u=$$17420933_15780589130_400469263$$&pt=i HTTP 302
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=1641826458246974&et=i&ago=212&ao=693&aca=26946955&si=6324608&ci=138945304&pi=323527181&ad=515887848&advt=8122568&chnl=-7&vndr=115&sz=9973&u=$$17420933_15780589130_400469263$$&pt=i
Request Chain 123
  • https://pixel.adsafeprotected.com/rfw/st/903156/59280833/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=17420933&ias_pubId=pub-9579245082538784&ias_chanId=1&ias_placementId=15780589130&bidurl=https://www.pdfindir.net/&ias_dealId= HTTP 302
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 138
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED_lKHdhppHq0fQsNwSPrho&google_cver=1&google_push=AYg5qPJMzFCzUES7qLeEUr_4CC3N4X5fV4oBXlmPzE1gaRe1klXPFdXqZJCTWQWANq_VvQVIrVMpaitJAsBjit4gFUdT9_VbHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJMzFCzUES7qLeEUr_4CC3N4X5fV4oBXlmPzE1gaRe1klXPFdXqZJCTWQWANq_VvQVIrVMpaitJAsBjit4gFUdT9_VbHQ&google_hm=lxkv-X-Rw4S9j7N9UxVnww
Request Chain 139
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJ8g4iwHui4fVea015aWzRfMFtEcCRd0M7Xxm0SILjT-jx-Z7n-OblRwgLVPyLfJCVLmWIJBtQEAfDps_h77b0lAQ5mbA&google_gid=CAESEDJlQqF6GIIHJfB8B2FhVRk&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJuR8Y4GEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BWWc1cVBKOGc0aXdIdWk0ZlZlYTAxNWFXelJmTUZ0RWNDUmQwTTdYeG0wU0lMalQtangtWjduLU9ibFJ3Z0xWUHlMZkpDVkxtV0lKQnRRRUFmRHBzX2g3N2IwbEFRNW1iQQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSnFRbW9VaDdvSXFiNnYtcWpPMmF6Rm1XUXVjQmRrX1lza3JWMHUwSXpWSQ==&google_push
Request Chain 140
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLOdJevnn8LR7HDfMtvQac7oV90qu8TT4Y-YZ8zbSqIGzkWhR_YW3X8X6qKvKbUNuAXqyWKG97is1_AXfBvX6UtUtM7oAA&google_gid=CAESEIiei8S3F7_od6IWlulSkoU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMTAxNDU0MTkwMDAxMTgxNTIwMTE5Ng%3D%3D&google_push=AYg5qPLOdJevnn8LR7HDfMtvQac7oV90qu8TT4Y-YZ8zbSqIGzkWhR_YW3X8X6qKvKbUNuAXqyWKG97is1_AXfBvX6UtUtM7oAA
Request Chain 142
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDDnWq5is7v-0eNv69bS8qo&google_cver=1&google_push=AYg5qPISeW9b9rhcYKutwBZbnhQfE7spyvE6r6J4bH96GRAhQSssRWno-ZB8Tbw71kILGy4w6YXVdwy9UN6pAH1JUB2z_9CYDNE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPISeW9b9rhcYKutwBZbnhQfE7spyvE6r6J4bH96GRAhQSssRWno-ZB8Tbw71kILGy4w6YXVdwy9UN6pAH1JUB2z_9CYDNE
Request Chain 143
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECUgDRzqejUzFeLIXGhivVg&google_cver=1&google_push=AYg5qPLK3GBBxJp2f3xZGlL6Tvp7BDbXnv1jRqOBIIx272-rzSINTxLR2VDI5YTE4CPwDooNDB0PiENT_dZsv7rXuw4UTKzDOhc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaTjgtQy1JUVA2&google_push=AYg5qPLK3GBBxJp2f3xZGlL6Tvp7BDbXnv1jRqOBIIx272-rzSINTxLR2VDI5YTE4CPwDooNDB0PiENT_dZsv7rXuw4UTKzDOhc
Request Chain 144
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_cver=1&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1
Request Chain 146
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOKYMW6D8iv3vDZlVU_F-yA&google_cver=1&google_push=AYg5qPKDnHzKungUXH8PmCOlDS6nxBMRW8yi4BxCDE7upWVjzfzJP3Bd5lre9qPZ7v8YHRceRKrrjS5fSd80YZFbYyYulnmDLOt0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKDnHzKungUXH8PmCOlDS6nxBMRW8yi4BxCDE7upWVjzfzJP3Bd5lre9qPZ7v8YHRceRKrrjS5fSd80YZFbYyYulnmDLOt0&google_hm=lxkv-X-Rw4S9j7N9UxVnww
Request Chain 147
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIotaMlBoyp8HmqUe_h4rPK6GHty8NV3cl3nb7_yVstTLPZiU4n93u0CJyW_8bTWZ2YRb7YBSGhwXMb57lMGzkN66Hinpeb&google_gid=CAESEAoQhwkAejX64fk1E2mtWis&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWR4SW13QUFBYUBJNVNUOQ&google_push=AYg5qPIotaMlBoyp8HmqUe_h4rPK6GHty8NV3cl3nb7_yVstTLPZiU4n93u0CJyW_8bTWZ2YRb7YBSGhwXMb57lMGzkN66Hinpeb
Request Chain 149
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKmHi4h61mllrSINFt_GUZQ&google_cver=1&google_push=AYg5qPIJjMVtr59C999hhvGa9CPMQS-2VbhyJhzZquFS8mYI9idfR32VpgmXrlRsaT0Ku9Ye3AC1J9124Avqr7z3dH89l8pj9EE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIJjMVtr59C999hhvGa9CPMQS-2VbhyJhzZquFS8mYI9idfR32VpgmXrlRsaT0Ku9Ye3AC1J9124Avqr7z3dH89l8pj9EE
Request Chain 150
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPqBXCPaUSg4ZS2sBJB2moo&google_cver=1&google_push=AYg5qPLdCPrtdY4NJCEm0GTSSx5uQYGrJWKJUCkUKbEBqJR0R4PSAAHf_isxJwRbFigfrVzylit1ts5ZzuOaZQcwJRhA1ohGZDV2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaT0ctMVktSFZPUw==&google_push=AYg5qPLdCPrtdY4NJCEm0GTSSx5uQYGrJWKJUCkUKbEBqJR0R4PSAAHf_isxJwRbFigfrVzylit1ts5ZzuOaZQcwJRhA1ohGZDV2
Request Chain 151
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFxNRxmpMhughiWqaQAXhok&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok
Request Chain 152
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAkhv4do3u31nahZc50G0uM&google_cver=1&google_push=AYg5qPIPY6__95L2ckAy-_qBfBaKRHMqQcYwBbegTN4DAQ1xaaPU6CGFUUO7i0xNHxlurRQD8QNMUnhiM_v8k6eZNURjaEi6LPG9wA HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIPY6__95L2ckAy-_qBfBaKRHMqQcYwBbegTN4DAQ1xaaPU6CGFUUO7i0xNHxlurRQD8QNMUnhiM_v8k6eZNURjaEi6LPG9wA&google_hm=
Request Chain 154
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 156
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 160
  • https://pixel.adsafeprotected.com/rfw/st/903156/59280833/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=17420933&ias_pubId=pub-9579245082538784&ias_chanId=1&ias_placementId=15780589130&bidurl=https://www.pdfindir.net/&ias_dealId= HTTP 302
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 166
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGDEAiEcU8GEjgD5Xzfr8Uo&google_cver=1&google_push=AYg5qPI8w5TzSshE89Ej7nCenlxNOrJhKwO5gBSAQmrkPF7vSdNawznV-dhSuG-O0U6hzKmTdnXLitBFnqsUsjPhtNwmWwp2z0E HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPI8w5TzSshE89Ej7nCenlxNOrJhKwO5gBSAQmrkPF7vSdNawznV-dhSuG-O0U6hzKmTdnXLitBFnqsUsjPhtNwmWwp2z0E&google_hm=lxkv-X-Rw4S9j7N9UxVnww
Request Chain 167
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIv8pgQW2M5aQge_7HWJcSXfhuZuaUblXnf75QAjI16_9j1JDpB16uTsc7JNTLEu90u6-gK8pUzavSEDa5xbZjpKUOBzmfr&google_gid=CAESEFJTs_u25Bfa3NHqL4XKNC0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWR4SW13QUFCVC1TMnlRUA&google_push=AYg5qPIv8pgQW2M5aQge_7HWJcSXfhuZuaUblXnf75QAjI16_9j1JDpB16uTsc7JNTLEu90u6-gK8pUzavSEDa5xbZjpKUOBzmfr
Request Chain 168
  • https://d.agkn.com/pixel/2175/?google_gid=CAESELL61n7L-EVNCnvttE_VTTE&google_cver=1&google_push=AYg5qPIfUp0AE8QUGBVIex-myhCmdxjKFcpXAJ_7kmaGm2tX-o6qTo_F7NjB9q3_GcBg4sOT-BwEOO2Km6pXHYjcRpjWCgqYvKs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIfUp0AE8QUGBVIex-myhCmdxjKFcpXAJ_7kmaGm2tX-o6qTo_F7NjB9q3_GcBg4sOT-BwEOO2Km6pXHYjcRpjWCgqYvKs&google_hm=Q0FFU0VMTDYxbjdMLUVWTkNudnR0RV9WVFRF
Request Chain 169
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPK_9TQcE6s0mI2iAyQwxK27Waj5-SXZT9YQFLu2k_TTM4yB1qjOfniP_95_V-j2hO6VY2YvG7_HH2v1zuMoIMIAWrZDSWmm&google_gid=CAESELT5Y99tJicm6k6g0tL6OSQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMTAxNDU0MTkwMDA0MjIwMDk1MzQ0MQ%3D%3D&google_push=AYg5qPK_9TQcE6s0mI2iAyQwxK27Waj5-SXZT9YQFLu2k_TTM4yB1qjOfniP_95_V-j2hO6VY2YvG7_HH2v1zuMoIMIAWrZDSWmm
Request Chain 170
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHvKZyJqYKn5ZAinhg2UU7w&google_cver=1&google_push=AYg5qPJMYLTARtJ81miqPhMUlgL_AI7kmpFe2nd1-Aer7JAkRA5ns4rauW-kEMBmFXBHgtBid4dEmvx8wMjV4HxNbBwG5_WmNtbW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJMYLTARtJ81miqPhMUlgL_AI7kmpFe2nd1-Aer7JAkRA5ns4rauW-kEMBmFXBHgtBid4dEmvx8wMjV4HxNbBwG5_WmNtbW
Request Chain 171
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECN_WoJ4n_j20pGmYx-FR2w&google_cver=1&google_push=AYg5qPKc4WA8YymKOQ3_0qILY70PZt_sG4UKnxM-Umixl2vdhJOpZJiHedG1nq2YootoeTi3KUKIkMRC_GDvGsZeOO5T50Z0C0b0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaUE4tMTUtNzFNUA==&google_push=AYg5qPKc4WA8YymKOQ3_0qILY70PZt_sG4UKnxM-Umixl2vdhJOpZJiHedG1nq2YootoeTi3KUKIkMRC_GDvGsZeOO5T50Z0C0b0
Request Chain 172
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_cver=1&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1
Request Chain 175
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 176
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEL1rhUxIHBw4gp1XbOI1iX4&google_cver=1&google_push=AYg5qPLbzRI5XXmeYZW2LvULrFyHNFgOjJ8mb8gSwUj2nneMVON4D74q1hf9qUilzqLN8JXFLyHcXgaEHw53BGCTXGAkuy231yUi HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLbzRI5XXmeYZW2LvULrFyHNFgOjJ8mb8gSwUj2nneMVON4D74q1hf9qUilzqLN8JXFLyHcXgaEHw53BGCTXGAkuy231yUi&google_hm=lxkv-X-Rw4S9j7N9UxVnww
Request Chain 177
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKV1VdOkAE06LzRkNB1VInt9KUbB_llzwCSJg00lO25tXwgbFSqDteTCjOFahVuu674HGYhLQB7eSRqz76D1Urjc0ksIGit&google_gid=CAESEFn2FC5K8YobAv4KGRApdLY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMTAxNDU0MTkwMDA0MjIwMDk1MzQ0MQ%3D%3D&google_push=AYg5qPKV1VdOkAE06LzRkNB1VInt9KUbB_llzwCSJg00lO25tXwgbFSqDteTCjOFahVuu674HGYhLQB7eSRqz76D1Urjc0ksIGit
Request Chain 179
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKcB3ZFlt9hu873KCVBYJJY&google_cver=1&google_push=AYg5qPJIbSg3F5cSDg4-thdCMc0e-JjXTiWbhmrmmkzK2jtGUInHo2o0Yg_pdb-Do18Pij-mAxf-v-oXNgryt-tSKd275BmaApCM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJIbSg3F5cSDg4-thdCMc0e-JjXTiWbhmrmmkzK2jtGUInHo2o0Yg_pdb-Do18Pij-mAxf-v-oXNgryt-tSKd275BmaApCM
Request Chain 180
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAlG2fMsgixjKm0eEgKHbiI&google_cver=1&google_push=AYg5qPL9TdmUyps4375uWBorOCHrjiRt69hmG6HM0PTc_Jhco2fApJIPxHF0zHzFIYyEqr-zELDyE_mGoXBQbXkMwZBAGRTG8rlz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaVEYtMUYtMzg3VA==&google_push=AYg5qPL9TdmUyps4375uWBorOCHrjiRt69hmG6HM0PTc_Jhco2fApJIPxHF0zHzFIYyEqr-zELDyE_mGoXBQbXkMwZBAGRTG8rlz
Request Chain 181
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo
Request Chain 182
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENVagOSf-YnibtnL0BIOeeU&google_cver=1&google_push=AYg5qPIYMqFZoTtSnY4cK-qIzgVZ9mxU-lG2Sqb5Hi-ess7WltR5c4D8ntcN8DCIHxrc5EkLi-gOrsWdYsSfIfkpXaTqkrypvDphWA HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIYMqFZoTtSnY4cK-qIzgVZ9mxU-lG2Sqb5Hi-ess7WltR5c4D8ntcN8DCIHxrc5EkLi-gOrsWdYsSfIfkpXaTqkrypvDphWA&google_hm=
Request Chain 184
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

188 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.pdfindir.net/
84 KB
16 KB
Document
General
Full URL
https://www.pdfindir.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:aa28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2d2e1ae56598910e3bca988f18fad915372b452f226c5b175b4b9d5b533eb3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 10 Jan 2022 09:32:32 GMT
x-cache-status
BYPASS
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWmnO534xeuyMLE0EJMIuxLoT5igDFeOQY2%2F59hNbb6ygE4m43UAmhrWHqNPINzPn%2BqI6FVn2YnkyBzu7vAZc5tZ6%2Fl6WCgEbm%2BCrK4BWQLr8BRwYAGimQof7GPejHofHCgkxpsCLmdKgzqgY8BX"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cb6bd5e1c0d716c-DUS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
y_mZCAEYUrPf46j_o8XtICQpCp4.js
www.pdfindir.net/cdn-cgi/apps/head/
5 KB
2 KB
Script
General
Full URL
https://www.pdfindir.net/cdn-cgi/apps/head/y_mZCAEYUrPf46j_o8XtICQpCp4.js
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:aa28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c912c06a5e8060f657f8d76e7cb46b9b46a23edf796e3d61cdd1bdd6b9c8305

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
507671
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
249G3VFNCQ4RSNJ4
x-amz-id-2
Pxr35BGHzRhLi8UaHKUCPutWkgXwcA0IGNoVn1C2gsdhqm8hGBiFpnOEMA6C/cPQ0DHRTsNTTcI=
last-modified
Wed, 29 Dec 2021 01:50:03 GMT
server
cloudflare
etag
W/"26b7389998d124c1a16392aa00bc24c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xzR3NkODrwZAqJKHewfaRyh%2FsWqdFGnHxPWM8pCAe1XyarXEo4kcSC5OHCbxJNFtTyBoHrWndInwgHjS5juI2zYZQA7rHhVZK7WlQg2XLbr7C42g9mxA9M%2BTtPsD5%2BhdlBQaYDjkVU3MFBVJnxz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
S7ft0XvtnKDe7hNMLXpODTu01XZpn4Pl
cf-ray
6cb6bd5ebd9b716c-DUS
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
146 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9579245082538784
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2cee35453c8e98f010c5ff255a05789af49e537e9801b6415a123e8d4de779c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pdfindir.net/
Origin
https://www.pdfindir.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51782
x-xss-protection
0
server
cafe
etag
16819706099480313602
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 14:54:17 GMT
generate-fonts.css
www.pdfindir.net/wp-content/cache/min/1/wp-content/uploads/omgf/generate-fonts/
3 KB
583 B
Stylesheet
General
Full URL
https://www.pdfindir.net/wp-content/cache/min/1/wp-content/uploads/omgf/generate-fonts/generate-fonts.css?ver=1640970512
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:aa28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd148c14daa194956a07738296f8404c1662d752f34bd1f6ed7a6723dbcf4880

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 31 Dec 2021 17:08:32 GMT
server
cloudflare
age
735
etag
W/"61cf3910-ab7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5la4eu%2BhlWEvScVQmInxdY%2BXLfgj%2FbLHggD%2BSfBVCxBRKZOkFuFcLCbubb6vXanUqhYh%2BdRgLcgl8Sc5BTOvw0kRyEZkJytqMIx%2BOh4AWJNjudc19IIjOXbR6b%2BspojaVfG2eZMG4%2F2zWUfIjHm"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cb6bd5ebda0716c-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.min.css
www.pdfindir.net/wp-includes/css/dist/block-library/
79 KB
11 KB
Stylesheet
General
Full URL
https://www.pdfindir.net/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:aa28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 16:31:29 GMT
server
cloudflare
age
735
etag
W/"61ae3ae1-13abe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhFGYisx6hOMhaSIQiny1KSh4nKE6alPPoMjK%2FsX9BcxdZuXKuYxxKfHMeldEC%2F8%2FXvu9NnMp1K8pWWS51q1vcyicwBdkbOC38%2BwsiY5N9ON2hO%2BKR0sS%2BXj9GaEQWh%2BxC0qmeXFFx%2Bltob09wzn"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cb6bd5ecda1716c-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
widget-areas.min.css
www.pdfindir.net/wp-content/themes/generatepress/assets/css/components/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.pdfindir.net/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.1.0
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:aa28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 16:29:36 GMT
server
cloudflare
age
735
etag
W/"61ae3a70-d1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZFhOYGL3WQUmZSqDSA22oJhhUyythgHWsNkNMBTV3ynIpDFShMCFmVM1RAdvqd96Xqt%2FiE9cJIP%2Fb8eeYxeYquYzazaeIG5k5MCNGFR7lYmLqcKO5nEhJoTdSfGdSpyVrXvL2BaJznjVZcRd1wB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cb6bd5ecda2716c-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
main.min.css
www.pdfindir.net/wp-content/themes/generatepress/assets/css/
19 KB
5 KB
Stylesheet
General
Full URL
https://www.pdfindir.net/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.1.0
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:aa28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33a3b2b4bb13ccc6ea24e09ac28cf3934212a8191289ff8e032b8a25d84997f8

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 16:29:36 GMT
server
cloudflare
age
2380
etag
W/"61ae3a70-4c36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjLhi8cXwAVeUJR0hL5w%2Bh1oTRo43Hf9aFIqEhu1pzXKhCqaWX6EYujEf0A5qmdf%2BiaIe6GEjqGdkQtJ6dTl0HLTcIVYw84mUIIaz9j640%2FTE%2BNrEZ7Q2vL1njMJlyFpUFfEGiOaXi3V%2FpxfGkK5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cb6bd5ecda4716c-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
featured-images.min.css
www.pdfindir.net/wp-content/plugins/gp-premium/blog/functions/css/
3 KB
821 B
Stylesheet
General
Full URL
https://www.pdfindir.net/wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css?ver=2.1.1
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:aa28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e545a7e4d7f69a26daa026799b6ab7caea7cfe6aa822b0038f63c14a5f69cf1

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 16:29:33 GMT
server
cloudflare
age
735
etag
W/"61ae3a6d-d37"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNop8vfFcmBheOLRN7ge0XgvyrbaaKTtT6Kj5EFmX0YV8w3dn4SIlwBzKbn%2FYFShtExuNBagbgxBINqcdYZFlfoqtcSrHbwJy3T4s2BCuPNluToyschty3at8K4RTPScSc5PtgiSpPWRHwEKwT2x"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cb6bd5ecda5716c-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
navigation-branding-flex.min.css
www.pdfindir.net/wp-content/plugins/gp-premium/menu-plus/functions/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.pdfindir.net/wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding-flex.min.css?ver=2.1.1
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:aa28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c8eb7fd8354e29e58e77290872b6e05a65404a4d16fe26996b72b6f2f606281

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 16:29:33 GMT
server
cloudflare
age
2380
etag
W/"61ae3a6d-a06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnyMCd6EkFTRFMHBLL40xOoYoBcLP%2BJ16HkNQR4%2FvdO2xUn5I5qG7x5bylY0S2%2B8AvsFte%2Fr4qtYuAQRYPJbFvk7D7dEGodlpCIRO9zgWHvgf9cRnmpeUv%2B%2BXLwUpgsbZXXJoUado7FLLNIbNDQ0"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cb6bd5ecda7716c-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
www.pdfindir.net/wp-includes/js/jquery/
87 KB
32 KB
Script
General
Full URL
https://www.pdfindir.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:aa28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 16:31:30 GMT
server
cloudflare
age
735
etag
W/"61ae3ae2-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mL2%2BqTJw%2FYkkNgfdgzfcZDcpqwMS12rWLBW73KOLwBtUO4%2BDAF9jnyWz5a4llTEUq%2F9rVhWir8bVCj9b8byFBnqnAjEiN0pR9mLQxDf7xqNF%2FvjbTwMfiuSyuwdwuTLDAy1JAhXbpTlDlWYaQdJF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cb6bd5ecdaa716c-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery-migrate.min.js
www.pdfindir.net/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://www.pdfindir.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:aa28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 16:31:30 GMT
server
cloudflare
age
2626
etag
W/"61ae3ae2-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlM%2BtRCIA6gtZ8K7corHhqE6aW6G25kKHVqWUx9Pz%2BCEOfqPZ2e4WQwgbNb8MIPTECPW9eV0X28CIhwPcK42gosg1ol5nJjlK25xN%2FAtZHliIunyWZ%2BIGt2YTrEfCoTSUHUISaZ3pPeUVXR0YE73"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cb6bd5ecdac716c-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pdflogo.png
www.pdfindir.net/wp-content/uploads/2021/10/
6 KB
7 KB
Image
General
Full URL
https://www.pdfindir.net/wp-content/uploads/2021/10/pdflogo.png
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:aa28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e659ae59f378f1a698e88c68c49e2ce620a4f848081ca4b4a54c2480030f568

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
735
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6564
last-modified
Mon, 06 Dec 2021 16:31:29 GMT
server
cloudflare
etag
"61ae3ae1-19a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMNglGDrYMJj5ftxNsF6JhAzUmIYdM0mgrEjV%2BEGiG5elRrFjf3f72p1HbFv7H2uFIGf0TeXgBkYvYcIyzGBKFsC7Y3UMgLFnLhv4nRmOghWmv6xyd7cOtaKryATdEADvjehth1DhzjXPl5D1SpN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cb6bd5f2eab716c-DUS
wp-embed.min.js
www.pdfindir.net/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://www.pdfindir.net/wp-includes/js/wp-embed.min.js?ver=5.8.3
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:aa28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 16:31:30 GMT
server
cloudflare
age
735
etag
W/"61ae3ae2-592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRUNq1PfR1nXFnPaUL3CeGLMjkAC6HiAel4GGDQLzUFjo69f5FL5FABXPyUyvTeCIcgd8WK4I0n9S%2B57hQ%2BuTSJlkD0TuKzEfT%2FB7Wd28p6y7J7jrkn62BhYZffS2TPn5eA7dwCmyAEeuEXgyAnJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cb6bd5f3ed7716c-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
3KWHHC5gKztdFELqTzNlUhCKPS4.js
www.pdfindir.net/cdn-cgi/apps/body/
4 KB
2 KB
Script
General
Full URL
https://www.pdfindir.net/cdn-cgi/apps/body/3KWHHC5gKztdFELqTzNlUhCKPS4.js
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/cdn-cgi/apps/head/y_mZCAEYUrPf46j_o8XtICQpCp4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:aa28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
167068d7bba0d199936e787f2894b436443161d561254184b3a4cc3228e7df24

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
418735
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
K9VZDBTHSHDYQAGW
x-amz-id-2
BOTUQbPspFgudiTqyRZUsXUejYr8fGi0OK3GaxXmbQvd9DHZV3z/c5s99W9z6Ck7X4i5g0ImmHE=
last-modified
Wed, 29 Dec 2021 01:50:03 GMT
server
cloudflare
etag
W/"db6da251142f5a7a940f0ea7ad6acc6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FS%2BYm3gezEmbPDcVQNJSZjJvbCWA0MZhnoLLrcAie40JGsT92hl%2BlDdqCp8%2BJmRVH8J0AX4%2FsOk3cAaQbzu6fZfSvKYphGrG5RDoPrD7clh6kLfJhFJclWIZE0l7HJSfabg%2BJ1miWezNESld%2BGb6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
zrECN4Ozuf2_izA7rv.uaTERnFUnl_Bw
cf-ray
6cb6bd5f3eda716c-DUS
open-sans-normal-400.woff2
www.pdfindir.net/wp-content/uploads/omgf/generate-fonts/
22 KB
22 KB
Font
General
Full URL
https://www.pdfindir.net/wp-content/uploads/omgf/generate-fonts/open-sans-normal-400.woff2
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/wp-content/cache/min/1/wp-content/uploads/omgf/generate-fonts/generate-fonts.css?ver=1640970512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:aa28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6849c2f6dd45325e6d5761c53db3dd6ecf99158e9cf1eb3b4e35f7e4025cb5c0

Request headers

Referer
https://www.pdfindir.net/wp-content/cache/min/1/wp-content/uploads/omgf/generate-fonts/generate-fonts.css?ver=1640970512
Origin
https://www.pdfindir.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5264
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22096
last-modified
Mon, 06 Dec 2021 17:16:19 GMT
server
cloudflare
etag
"61ae4563-5650"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQBHFTblPzR3%2B7d%2FYzUoagfWDuue6Us1bUYhCxu6%2FU21SjOXIYr5yX%2F9gk2uuS2ZfQJiYFDUOzgpFKGdwKWu3TZl3thq4i%2FMVWBdOXCKEfQ%2Fdwp3Wqd2d0zFg9Tdp3uwz4TBR8AC2RubRDNTAl%2Bq"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cb6bd5f4d553bbc-CDG
open-sans-normal-600.woff2
www.pdfindir.net/wp-content/uploads/omgf/generate-fonts/
22 KB
22 KB
Font
General
Full URL
https://www.pdfindir.net/wp-content/uploads/omgf/generate-fonts/open-sans-normal-600.woff2
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/wp-content/cache/min/1/wp-content/uploads/omgf/generate-fonts/generate-fonts.css?ver=1640970512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:aa28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7996a13ba28f47d09f223e3ab1971511b8390b708862b5f05be497d644845538

Request headers

Referer
https://www.pdfindir.net/wp-content/cache/min/1/wp-content/uploads/omgf/generate-fonts/generate-fonts.css?ver=1640970512
Origin
https://www.pdfindir.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5264
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22096
last-modified
Mon, 06 Dec 2021 17:16:19 GMT
server
cloudflare
etag
"61ae4563-5650"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwaFTEK2DE8BmfR096v5MCXkHUPEIjdzfCdhgX8LEJNcq7wQdCwBRxqb6S6RtZme2TwQHgk0N5qJO8x88sceXI%2FcH61v2y%2Bk4duMIFSlQcS7GUmxIO84ZDsl29AQbmMaZfDqoN4681o0BiRMkhNt"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cb6bd5f4d5b3bbc-CDG
open-sans-normal-700.woff2
www.pdfindir.net/wp-content/uploads/omgf/generate-fonts/
21 KB
22 KB
Font
General
Full URL
https://www.pdfindir.net/wp-content/uploads/omgf/generate-fonts/open-sans-normal-700.woff2
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/wp-content/cache/min/1/wp-content/uploads/omgf/generate-fonts/generate-fonts.css?ver=1640970512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:aa28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91c82197d183592cfb227c9e4e368e428ce9ba45444603dc7441d8ffe045e01c

Request headers

Referer
https://www.pdfindir.net/wp-content/cache/min/1/wp-content/uploads/omgf/generate-fonts/generate-fonts.css?ver=1640970512
Origin
https://www.pdfindir.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5264
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21496
last-modified
Mon, 06 Dec 2021 17:16:19 GMT
server
cloudflare
etag
"61ae4563-53f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A13mJ85dSj6BXMj7ooDyZL6hh4rWFuqjgskMSNtr%2FdzcVX9UELVur0IDeNaxVkKT%2BPzVFPr%2BJsOvyJBemtu7it8jplCrPFpEJ8hS6asYIEg6Y2dRRRf7MQBvAqnW5ezviIwzJScbJr2Qt%2FAIOm%2FW"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cb6bd5f4d633bbc-CDG
pdf-%C3%B6n-logo-min-768x360.png
www.pdfindir.net/wp-content/uploads/2020/04/
101 KB
102 KB
Image
General
Full URL
https://www.pdfindir.net/wp-content/uploads/2020/04/pdf-%C3%B6n-logo-min-768x360.png
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:aa28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc9db30289d7b3ee71c133c1898e1b7bccc685122c0014fee3c2560f2df13cc

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6153
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
103744
last-modified
Mon, 06 Dec 2021 16:29:36 GMT
server
cloudflare
etag
"61ae3a70-19540"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJsbDBfkYd2eewW%2ByVp1r13xf%2FvmgPJKewBSZuyBqmF7ikYx8UCiHuN8zcvd3SUXnVGIl1lQk7HCOCQn6x38P%2FtZYHnQIcnZeLdNbyBbIGz9bQAOlliMdhGtc8gd2%2FVaH6QkVOI58RnEuNTRR7Ci"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cb6bd5f5d923bbc-CDG
js
www.googletagmanager.com/gtag/
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-113315475-13
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/cdn-cgi/apps/body/3KWHHC5gKztdFELqTzNlUhCKPS4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d4ee2e17fd09063382baa9b2909d960de8cd73c1daefb289b8ffe51f1a5a6493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36380
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jan 2022 14:54:17 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/
282 KB
101 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9579245082538784&plah=www.pdfindir.net&bust=31063947
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9579245082538784
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87e5e34506211c5be0d22d158c38ee0f3c16f6a7d048b074b30d9554c943ef0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103755
x-xss-protection
0
server
cafe
etag
723676832140883972
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 14:54:17 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/ Frame 459D
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9579245082538784
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 09 Jan 2022 16:07:35 GMT
expires
Sun, 23 Jan 2022 16:07:35 GMT
content-type
text/html; charset=UTF-8
etag
2196020943555189384
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4873
x-xss-protection
0
age
82002
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113315475-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6791
date
Mon, 10 Jan 2022 13:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 10 Jan 2022 15:01:06 GMT
cookie.js
partner.googleadservices.com/gampad/
216 B
645 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.pdfindir.net&callback=_gfp_s_&client=ca-pub-9579245082538784
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9579245082538784&plah=www.pdfindir.net&bust=31063947
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
3fd03241da766a9997c29d6b4a2ec25478af1d6519c7f1649d04199316f39a0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.it/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.it/adsid/integrator.js?domain=www.pdfindir.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9579245082538784&plah=www.pdfindir.net&bust=31063947
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80b::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 14:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.pdfindir.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9579245082538784&plah=www.pdfindir.net&bust=31063947
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 14:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6DE6
183 KB
45 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&adk=1812271804&adf=3025194257&lmt=1641807152&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.pdfindir.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826457547&bpp=2&bdt=181&idt=150&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4841822094056&frm=20&pv=2&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=162
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9579245082538784&plah=www.pdfindir.net&bust=31063947
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d2a211d68914089f74afd974b75fcd08dd364896da46df823c7be0313e1fc46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 10 Jan 2022 14:54:18 GMT
server
cafe
content-length
45608
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 10 Jan 2022 14:54:18 GMT
cache-control
private
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1928257840&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pdfindir.net%2F&ul=en-us&de=UTF-8&dt=PDF%20%C4%B0ndir%20-%20Pdf%20Kitap%20%C4%B0ndir%20T%C3%BCrkiye%27nin%20Dev%20PDF%20%C4%B0ndirme%20Ar%C5%9Fivi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=2013498832&gjid=1310794592&cid=774576690.1641826458&tid=UA-113315475-13&_gid=168421047.1641826458&_r=1&gtm=2ou150&z=1747826241
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pdfindir.net/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.pdfindir.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
440 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-113315475-13&cid=774576690.1641826458&jid=2013498832&gjid=1310794592&_gid=168421047.1641826458&_u=YAhAAUAAAAAAAC~&z=1299282166
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pdfindir.net/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 10 Jan 2022 14:54:17 GMT
content-type
text/plain
access-control-allow-origin
https://www.pdfindir.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/
149 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/reactive_library_fy2019.js?bust=31063947
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9579245082538784&plah=www.pdfindir.net&bust=31063947
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
418c52e163853f7bff8f6e86ea24aa28932435ae8781ae0461cf652180464e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54213
x-xss-protection
0
server
cafe
etag
13014091988058228129
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 14:54:18 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0F2E
102 KB
37 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9579245082538784&plah=www.pdfindir.net&bust=31063947
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e89832d00551e4530719bb9ceeb7c1a9e35d4dbd38bf4ba627ada8966d8e4ea0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 10 Jan 2022 14:54:18 GMT
server
cafe
content-length
37992
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 10 Jan 2022 14:54:18 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame A8D6
102 KB
37 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9579245082538784&plah=www.pdfindir.net&bust=31063947
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10652fb20fd331641e95d8d55704bc4369d4b74be70734e57c0bdf38f8d0b1f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 10 Jan 2022 14:54:18 GMT
server
cafe
content-length
37984
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 10 Jan 2022 14:54:18 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 85F5
117 KB
42 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9579245082538784&plah=www.pdfindir.net&bust=31063947
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7807d474df5f0e63d7f00a0f5c2463e3014a232dcad3f077e98bd4c1f3460e33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 10 Jan 2022 14:54:18 GMT
server
cafe
content-length
43318
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 10 Jan 2022 14:54:18 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 6030
103 KB
37 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9579245082538784&plah=www.pdfindir.net&bust=31063947
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e715fd2fbbafb54f2dd0deb107b0586d3e9a9a58dc8495feccb5d35d900a572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 10 Jan 2022 14:54:18 GMT
server
cafe
content-length
38189
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 10 Jan 2022 14:54:18 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 5ABA
143 KB
37 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9579245082538784&plah=www.pdfindir.net&bust=31063947
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ccd04123f653fd227735ccce8283aba3103d244d939f551ca99b006a6254303
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 10 Jan 2022 14:54:18 GMT
server
cafe
content-length
37467
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 10 Jan 2022 14:54:18 GMT
cache-control
private
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/ Frame 4E36
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9579245082538784&plah=www.pdfindir.net&bust=31063947
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 09 Jan 2022 16:15:14 GMT
expires
Sun, 23 Jan 2022 16:15:14 GMT
content-type
text/html; charset=UTF-8
etag
2196020943555189384
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4873
x-xss-protection
0
age
81544
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2
fonts.googleapis.com/ Frame 4E36
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 14:05:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 14:54:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 14:54:18 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4E36
205 B
744 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 17:36:36 GMT
x-content-type-options
nosniff
age
249462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 07 Jan 2023 17:36:36 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4E36
604 B
695 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 19:23:58 GMT
x-content-type-options
nosniff
age
243020
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 07 Jan 2023 19:23:58 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/ Frame 4E36
19 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d8693cddca8ef95b6b06ab98ad4ae68d7c7a30aa8d781e418c28b84bfcca7cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1797
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8415
x-xss-protection
0
server
cafe
etag
17051659159829090632
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:24:21 GMT
css
fonts.googleapis.com/ Frame 1B35
3 KB
579 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 13:56:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 14:54:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 14:54:18 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 1B35
1 KB
880 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:42:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:42:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame 1B35
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7894
x-xss-protection
0
server
cafe
etag
10405968765291005445
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:50:22 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 1B35
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:43:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:43:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1B35
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 10 Jan 2022 14:54:18 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 1B35
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
server
cafe
etag
13366392639478751132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:49:04 GMT
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame 1B35
27 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Apr 2022 13:17:55 GMT
94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
pagead2.googlesyndication.com/bg/ Frame FB3C
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:07:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
2812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13400
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Jan 2023 14:07:26 GMT
css
fonts.googleapis.com/ Frame 5ABA
2 KB
532 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 14:50:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 14:54:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 14:54:18 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 5ABA
1 KB
880 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:42:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:42:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame 5ABA
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7894
x-xss-protection
0
server
cafe
etag
10405968765291005445
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:50:22 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 5ABA
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:43:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:43:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5ABA
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 10 Jan 2022 14:54:18 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 5ABA
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
server
cafe
etag
13366392639478751132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:49:04 GMT
l
www.google.com/ads/measurement/ Frame 5ABA
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRYYj0FiUnrATxzIHCa52ACyGr8yw0Vy7hy1dY5e58G26zhEp-R5wSK8ZOlSgEFf6ZB8svStd-BM0Xtv3iarJaFlx5Ngw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame 5ABA
27 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Apr 2022 13:17:55 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5ABA
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-FaHmkjcYcDIEIPjygWG_ICwCYDsgslnqay21cMPn7T6gd4tEAEgiuiLfWD9gpGE6BGgAdmu374ByAEJqQJahQ0IEACzPqgDAcgDywSqBOABT9C9CAyw19hVc4St9ShgsuJWEgZXstlF1wfB4AqOFtnBPChlKia0gUs6XS9LtxVCOoimz_U4FiBH4Kr3TcDFVmVlFlz6w9hUbh9nJBCMdGAg53QB2KWLUgbHwY7L2T9ZN6FYkj2f6APsLEsPGyBOLhc0osQ2uV-IK9TcxJwHjR0TUV9ZZBucf6sHCKSd2sS9C73cdPQFNT95DfhoxuQjtVmiRiZkNqn7Hzpdvd65oZP9Ww3-sGvkrO_D8iSfGWXr5VCknrm70XXgBGNEp7uG0kN5qY81EiXcx-hHcUYhuirABLm50N_vA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeP0aDBAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBDpjQPSCAkIgOGAEBABGB-ACgHICwHYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItOTU3OTI0NTA4MjUzODc4NBgA&sigh=LRK8vXFb5Fc&uach_m=[UACH]&template_id=494
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 10 Jan 2022 14:54:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 5ABA
358 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f4e7bc09b20c73aae4a13af367da2ecfadbb1b1ff6269f52410f20efc157d29

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
shopping
encrypted-tbn3.gstatic.com/ Frame 5ABA
11 KB
11 KB
Image
General
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTwPHEE6uGpggM0ocvuEP_n1EEn_cIkDmTjojuezDgmemmFKII&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6098a07c332935e29d6bb04af46555e0eca500a91ca61b0dc2182f40b5aa0e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 11:41:19 GMT
x-content-type-options
nosniff
age
529979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11561
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 10:04:35 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 04 Jan 2023 11:41:19 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 5ABA
17 KB
17 KB
Image
General
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSj-dC_jd-WbtwX52DSaWPycPzYNBflYnPzSgxxpJvpu0alTwV_&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6c695066acb6aac3f955fc09e44151e98c3caea4dfec807e39142660513d39c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 13:25:47 GMT
x-content-type-options
nosniff
age
264511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17091
x-xss-protection
0
last-modified
Thu, 26 Aug 2021 16:24:30 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 07 Jan 2023 13:25:47 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 5ABA
11 KB
11 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSxfUQyW_F_pfi1hF9i73d-eZSxAsx_CzGBJOrUSBD6AqG9zfGe&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50449063ba7339aee2c8c6c488d2470a80f3384352c4f067ea1ca2a63ef5b020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 09:21:12 GMT
x-content-type-options
nosniff
age
365586
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10882
x-xss-protection
0
last-modified
Fri, 03 Sep 2021 03:44:29 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 06 Jan 2023 09:21:12 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 5ABA
13 KB
13 KB
Image
General
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRTSww3EG1fGFa7tzTGXtNhhfvWaeFC2WtCcsXJqPE4oAIn1Wk&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fce9fae77c6a9664c6288c9752e4b7f823586753c26591ab4b6344aca85afb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 06:09:08 GMT
x-content-type-options
nosniff
age
549910
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12821
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 06:32:04 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 04 Jan 2023 06:09:08 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 5ABA
24 KB
25 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSSi1NMrS73OkzCR93tTBmrSppfakA2trMjHRr45dMIg5_Cdnqo&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5de929a7b252c73163110250f6da25c58372ba107d9985bd46ea982564822f2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:33:01 GMT
x-content-type-options
nosniff
age
1277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25000
x-xss-protection
0
last-modified
Sat, 16 Oct 2021 01:57:22 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 10 Jan 2023 14:33:01 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 5ABA
18 KB
19 KB
Image
General
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSFJz0nw8f_UUZR0PDlR1d5YfHE0v1T2HM6DW_ACx9ZnaGm71o&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8f2d9f31528a4c1b33f3ca79263f35c80f93daa44de261773942aaf9a34da44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 01:45:52 GMT
x-content-type-options
nosniff
age
306506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18750
x-xss-protection
0
last-modified
Fri, 03 Sep 2021 03:29:09 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 07 Jan 2023 01:45:52 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 5ABA
9 KB
9 KB
Image
General
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSP3ND0-_NUBwuqejCvizMoO_9lBGO1jX1P38P2uvmpcZWfEK4&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c3941abab3df343cce4a2650f1d5720ad793024ffcbb5f5f4a6f01651cfdce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 06:09:08 GMT
x-content-type-options
nosniff
age
549910
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9514
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 10:12:46 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 04 Jan 2023 06:09:08 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 5ABA
6 KB
6 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcS7t0fM3IxSorcoDrKvroR2Gfip5j2aMCljBQ9cn04sSNtakDM&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1727b1e62080859daba4ec290322de72a88b4bbf55c79c17863472f7fa180e2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 10:44:12 GMT
x-content-type-options
nosniff
age
360606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6282
x-xss-protection
0
last-modified
Sat, 06 Nov 2021 04:12:07 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 06 Jan 2023 10:44:12 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 5ABA
11 KB
11 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ8rv90P9pOdiiRwPF-Mc0qM9kh8Hh3E6N5hJ89r3woFf33toHR&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13fc1c4371eab1db71b64c85f0670275f3b1bc27d3611b502b13c4a04a9ce73e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 04:08:48 GMT
x-content-type-options
nosniff
age
470730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11587
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 10:04:09 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 05 Jan 2023 04:08:48 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 5ABA
17 KB
18 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcS_7ujgAzE9AGHazJ_WvIrdOpIJZcjDkPTHA0NbYXWJSum09Pw&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
059d3874da2c22ea3999d98597f4be9409eb86fc9ac533cda8daa25e475ce236
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 12:10:25 GMT
x-content-type-options
nosniff
age
528233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17535
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 10:33:51 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 04 Jan 2023 12:10:25 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 5ABA
10 KB
10 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSJUfPGry3QwI5rrCPj69MqZ5jZ0etRj9XhWnG07Wa0tD8n7JU&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92eb7f09e7360a8eab0a3b8f42c68681ca9d0dc779e670b781f776172fd8e7db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:02:23 GMT
x-content-type-options
nosniff
age
517915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9819
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 02:31:03 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 04 Jan 2023 15:02:23 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 5ABA
12 KB
13 KB
Image
General
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTab8bhzPrsRC3_cy6-B_lXBevNrv1Wu_PTAfFdbbpFnDK0AQY&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29dc3a6373ebb03a28f30a60dc579dae6e63eb65eea1a7ed91f7c04f58c695ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 23:15:31 GMT
x-content-type-options
nosniff
age
229127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12341
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 02:47:22 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 07 Jan 2023 23:15:31 GMT
4110287300117681572
tpc.googlesyndication.com/simgad/ Frame 5ABA
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC_vZnY6gEQgBkYoAYyCHLdaSbdksHw
  • https://tpc.googlesyndication.com/simgad/4110287300117681572
211 KB
212 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4110287300117681572
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H3
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
552029aec3b3afc11b764f721b1593dd868d231d7c0913518002be8fdd84e9c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 17:54:31 GMT
x-content-type-options
nosniff
age
593987
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
216546
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 11:35:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 03 Jan 2023 17:54:31 GMT

Redirect headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 06:41:01 GMT
x-content-type-options
nosniff
server
cafe
age
29597
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/4110287300117681572
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 09 Feb 2022 06:41:01 GMT
css
fonts.googleapis.com/ Frame 85F5
14 KB
924 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Roboto:300,400,500&lang=it
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31845239723f6a0defa4a8ea86ef760282ba4b4c376b35dc162a0cdf18551856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 14:54:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 14:54:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 14:54:18 GMT
css
fonts.googleapis.com/ Frame 85F5
14 KB
924 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Roboto:300,400,500&text=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31845239723f6a0defa4a8ea86ef760282ba4b4c376b35dc162a0cdf18551856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 14:54:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 14:54:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 14:54:18 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 85F5
32 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56f34efe26e2bc0f086fd88f6b1a729d65bcacc04715b569117aafb39088781c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:50:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
228
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13157
x-xss-protection
0
server
cafe
etag
16738487673499282991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:50:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F382
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 10 Jan 2022 13:26:12 GMT
expires
Tue, 11 Jan 2022 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
5286
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame 85F5
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7894
x-xss-protection
0
server
cafe
etag
10405968765291005445
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:50:22 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 85F5
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:43:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:43:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 85F5
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 10 Jan 2022 14:54:18 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 85F5
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
server
cafe
etag
13366392639478751132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:49:04 GMT
l
www.google.com/ads/measurement/ Frame 85F5
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRBXfULyX7xSd7IiR72P8Qfd7uIVjbsfPuLIFRmvBbbcURFJLYGz0P9m3Xfa1yqSm7-wzIpd4_ijogrJ7bOjKyJua-egg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

css
fonts.googleapis.com/ Frame 6030
14 KB
924 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Roboto:300,400,500&lang=tr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31845239723f6a0defa4a8ea86ef760282ba4b4c376b35dc162a0cdf18551856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 14:54:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 14:54:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 14:54:18 GMT
css
fonts.googleapis.com/ Frame 6030
14 KB
924 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Roboto:300,400,500&text=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31845239723f6a0defa4a8ea86ef760282ba4b4c376b35dc162a0cdf18551856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 14:54:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 14:54:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 14:54:18 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 6030
32 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56f34efe26e2bc0f086fd88f6b1a729d65bcacc04715b569117aafb39088781c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:50:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
228
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13157
x-xss-protection
0
server
cafe
etag
16738487673499282991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:50:30 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame 6030
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7894
x-xss-protection
0
server
cafe
etag
10405968765291005445
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:50:22 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 6030
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:43:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:43:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6030
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 10 Jan 2022 14:54:18 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 6030
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
server
cafe
etag
13366392639478751132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:49:04 GMT
l
www.google.com/ads/measurement/ Frame 6030
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQVMqzRfJeW_0re3pw6yM8azftVILXw-JFhroILe-8pEgRoj5TfuL-0U-vCQF6X479feS3PMUmhdEECdGNN9fbpHcr5Vg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

css
fonts.googleapis.com/ Frame A8D6
14 KB
924 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Roboto:300,400,500&lang=tr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31845239723f6a0defa4a8ea86ef760282ba4b4c376b35dc162a0cdf18551856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 14:54:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 14:54:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 14:54:18 GMT
css
fonts.googleapis.com/ Frame A8D6
14 KB
924 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Roboto:300,400,500&text=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31845239723f6a0defa4a8ea86ef760282ba4b4c376b35dc162a0cdf18551856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 14:54:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 14:54:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 14:54:18 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame A8D6
32 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56f34efe26e2bc0f086fd88f6b1a729d65bcacc04715b569117aafb39088781c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:50:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
228
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13157
x-xss-protection
0
server
cafe
etag
16738487673499282991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:50:30 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame A8D6
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7894
x-xss-protection
0
server
cafe
etag
10405968765291005445
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:50:22 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame A8D6
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:43:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
642
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:43:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A8D6
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 10 Jan 2022 14:54:18 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame A8D6
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
server
cafe
etag
13366392639478751132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:49:04 GMT
dpixel
cms.quantserve.com/ Frame F382
35 B
465 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAE19MO_E2UIl2onykWCO_Q&google_cver=1&google_push=AYg5qPLXKhHpmpbE4_7B4sQ0qNuLbhtJQXCJx8rHl-nIu2JfwjveU22jyuYEpMgm6ftj93Bm1R7h52kZyfV3LIQk3DKkWxpYZTO7
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F382
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKFrLk4UJGaIKTkwhYTMkQ0f0qLQc3GijuV5hT...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWR4SW13QUFCU1o3TlV2YQ&google_push=AYg5qPKFrLk4UJGaIKTkwhYTMkQ0f0qLQc3GijuV5hT0vot5dCaLeHJMJmSJiTOG6nTAy2D0vuELkTCVfTXxO078Iuv-pW-awKtI
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWR4SW13QUFCU1o3TlV2YQ&google_push=AYg5qPKFrLk4UJGaIKTkwhYTMkQ0f0qLQc3GijuV5hT0vot5dCaLeHJMJmSJiTOG6nTAy2D0vuELkTCVfTXxO078Iuv-pW-awKtI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWR4SW13QUFCU1o3TlV2YQ&google_push=AYg5qPKFrLk4UJGaIKTkwhYTMkQ0f0qLQc3GijuV5hT0vot5dCaLeHJMJmSJiTOG6nTAy2D0vuELkTCVfTXxO078Iuv-pW-awKtI
Date
Mon, 10 Jan 2022 14:54:19 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame F382
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIDMpIU...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIDMpIU...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMTAxNDU0MTkwMDAxMTE5Njg4MzE4OQ%3D%3D&google_push=AYg5qPIDMpIUX8uBqJiWlZpNfBLhKP0bwwswP0TiSBhiEWu8qaa-sABQ1DE09aGKkYm99Y...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMTAxNDU0MTkwMDAxMTE5Njg4MzE4OQ%3D%3D&google_push=AYg5qPIDMpIUX8uBqJiWlZpNfBLhKP0bwwswP0TiSBhiEWu8qaa-sABQ1DE09aGKkYm99YNo5AIZJYHassg7WFDZYkgLbLgM9us
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMTAxNDU0MTkwMDAxMTE5Njg4MzE4OQ%3D%3D&google_push=AYg5qPIDMpIUX8uBqJiWlZpNfBLhKP0bwwswP0TiSBhiEWu8qaa-sABQ1DE09aGKkYm99YNo5AIZJYHassg7WFDZYkgLbLgM9us
pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Mon, 10 Jan 2022 14:54:19 GMT
dds
rtb.openx.net/sync/ Frame F382
43 B
351 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEB_DQwGlTpfWxkSRjTeQdks&google_cver=1&google_push=AYg5qPKS-KYLQ61m37G66mIYTzQTRyP-puW0K0IeC2DGvOH6WiktlSVpPSw9DE-hncu5x_NG3quRMyRwCL1he30iNUfmJTW2VkU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:18 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
08s5s6irck77hrnjodja257kn18g6ovs
pixel
cm.g.doubleclick.net/ Frame F382
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPITzRC7grbWDg13i-luu9iwHcBpgchAQECUS8WKSzihYvOdg7m6BiFVCpw5v69D6w2-9J6PfGtIA3s8mxhCe4mD7UzQ_2cB
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPITzRC7grbWDg13i-luu9iwHcBpgchAQECUS8WKSzihYvOdg7m6BiFVCpw5v69D6w2-9J6PfGtIA3s8mxhCe4mD7UzQ_2cB
date
Mon, 10 Jan 2022 14:54:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame F382
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELwzEdwv3bhaG7WVi62Nh00&google_cver=1&google_push=AYg5qPLAI9TWSmjA0cx7NlhQd_wVHJXkYaHtjljjV6vRX0ekDUOi0QKGTx895ZOVw7DLX0p7jfr...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaSVgtSi1BTjRW&google_push=AYg5qPLAI9TWSmjA0cx7NlhQd_wVHJXkYaHtjljjV6vRX0ekDUOi0QKGTx895ZOVw7DLX0p7jfrm7J6uJAkAY7alXwwBisIOigU
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaSVgtSi1BTjRW&google_push=AYg5qPLAI9TWSmjA0cx7NlhQd_wVHJXkYaHtjljjV6vRX0ekDUOi0QKGTx895ZOVw7DLX0p7jfrm7J6uJAkAY7alXwwBisIOigU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaSVgtSi1BTjRW&google_push=AYg5qPLAI9TWSmjA0cx7NlhQd_wVHJXkYaHtjljjV6vRX0ekDUOi0QKGTx895ZOVw7DLX0p7jfrm7J6uJAkAY7alXwwBisIOigU
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame F382
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3P...
0
0

attr
cm.g.doubleclick.net/pixel/ Frame F382
0
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LhD75LeoslkP3kzd0wKR8OGeR8Wz8HW7J8VNSOjYNHgT_KZikCdqj4lyaKUxrsTTuKi3kA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
downsize_200k_v1
tpc.googlesyndication.com/simgad/4373349260395354112/ Frame 85F5
13 KB
13 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4373349260395354112/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIvwIQpwEYASABLQAAAD8wvwI4pwFFAACAPw&rs=AOga4qm8-zFbpyuDVsSN6VJHTTSyOZdqNg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aab51f2e752fafd723ab5e6bac1a850679b91739119c6b02203680fca367331e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:05:14 GMT
x-content-type-options
nosniff
age
2944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13386
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 21:42:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Jan 2023 14:05:14 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 85F5
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cn_59mkjcYaG3EM3FywW7poegBPLm9bJnudqE8ZoO2dkeEAEgiuiLfWD9gpGE6BGgAZuHjoYDyAEGqQLGaKY7twGzPqgDAcgDywSqBMYBT9Ap3InP1wQ0B80xSwx9ctvB-1Qqur8H8zgQTZrc5V8qPRdpknycWn020MW40BVxL85fXQOHiH2MuVPVQNH51VI83yq0PpcZZVn_K5nWi2EvVvuzzP34QIid2NwJ5mVu_SiXw-639mbAsKKNGkahznESPxjbQA1uoYSLxjiN63Uu-Qye09hXbd5LM6SfArd17N25l-XxEINpNn_5eV6m0O7mf0TWR1uGXRgpYxR82Smx5bQId_gFKGV78VomYJWbkVuYdjFvwASxl7WK2gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHzfjxeagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEMm5DtIICQiA4YAQEAEYH4AKAcgLAdgTDYgUBNAVAZgWAYAXAbIXHAoaCAASFHB1Yi05NTc5MjQ1MDgyNTM4Nzg0GAA&sigh=wCJhKgIWPSo&uach_m=[UACH]&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 10 Jan 2022 14:54:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame C316
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 10 Jan 2022 14:02:27 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3111
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7C39
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 10 Jan 2022 13:26:12 GMT
expires
Tue, 11 Jan 2022 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
5286
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 85F5
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Roboto:300,400,500&lang=it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 13:52:02 GMT
x-content-type-options
nosniff
age
262936
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 07 Jan 2023 13:52:02 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 85F5
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Roboto:300,400,500&lang=it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 14:02:00 GMT
x-content-type-options
nosniff
age
521538
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 04 Jan 2023 14:02:00 GMT
truncated
/ Frame 5ABA
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f9bb33465a25b3b67ffc235138831047715f7f49a5b68ee87a3851d300255ea

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
OD9cwLzP3ZijpYAAdq2hcBOpLnwSi_AQ43Bfdwi2uQdAoVJtpkHtKEU6qEwW1raxrmTIhMOhkI7beUi3r5qeRacLbgl9IZs=w720-h377-rj-pd-pc0x00e9e9e9
lh4.googleusercontent.com/proxy/ Frame 6030
95 KB
95 KB
Image
General
Full URL
https://lh4.googleusercontent.com/proxy/OD9cwLzP3ZijpYAAdq2hcBOpLnwSi_AQ43Bfdwi2uQdAoVJtpkHtKEU6qEwW1raxrmTIhMOhkI7beUi3r5qeRacLbgl9IZs=w720-h377-rj-pd-pc0x00e9e9e9
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
851c0644befc98c7f726a7b39b2306fb0a6c2412a3033aa2a77b2b32d31db23d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:32:12 GMT
x-content-type-options
nosniff
server
fife
age
1327
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96898
x-xss-protection
0
expires
Tue, 11 Jan 2022 14:32:12 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6030
42 B
63 B
Fetch
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_b4BCDiWoygDx_X6YXhf4w8Ygw55MufFrZyY3zscectJreuwpGGTJ1RKdEm3y0RiHc0LGBUg_qm-P9BqI64Lw4Ihla0J6wZZiAzJEG9NRIHMImdfiWJEXsrs4lXPNEHXRb7jBMu8wOXJzpE3pPi4tNQ2liQ&dbm_d=AKAmf-BzImNu067-tULk6ZZDKKtZgNGTlsG9sYI6FyCMyqvjeL8QmpiBCFYMEaNBuO41Osjki_r3W7E29RcYvQLR3WmklNKXb1uRBu4DusZELLeyH_qZKkbv5iQhNFUAhhPlJpktitNnTWxHy4j-JfrP6bHxyxBL-Qeoo5lZQmXhiC3ESUDe946_wQgkyB39Ai52GseFYUXI5QtUhCg7wnzpNAi5I9HsPpHdAtQgnQ5eY7afP3PlGf6U4Bp5fqCyIsNAoa6AZL5baQdd1-blt9s5Fb0CcEvFMQXhIa4KPGKY1sgaVx1ar3yqleLNG_1oS1gGaco9bcFRcFZFUrHgoqvqG-Fp3qux1xC4-mIWC2gglRvkyby-YNlaNXRVa1FeTEoKk5UQr2x6rW8gqOtGA7HGqgdHjkeYceDgdyvf7OmJFUBt425tXYuPvZGIyrU-iVM8xcv3d23kRiIvXkNTXivTHqPVeWC7HOS-sAnE-oRbcZZduTP-WnYL1XYIZhGA3BRYxXfvU-hbuT2DbT9olr9uWEf4WM1yTI4ALc2xfTqEljSn1tjfo_JykgODNsunfAFdPfcN5B1teexFXrpG2y0lhv-TIfi-m2qCmJudw4w_KUB6GAFhrZLzWM-p3XFCGZQ5nogr4b3m2vhkYF9M9pGRF_zEjYqRwTfrvMMIEQe2WwinNFzS96DYxZdWBnpkQXQqO5OQ7IAM5oMWPkP9kcvIiYpRzNKGyAF9Pwm6AvTcQdZEa9R-erFQDlI3LeOaYt1MIkOuHTKTxLt4J6RcHirhApLFqI1W-svaUmu9_Gl9Imh0GYdUNJQRtaPHX5CaV4ECjIWNK5r1qvHbMxSGUHxka4efoQLwkPDdBV9qiaV4eT4LYUZCasGu4yFWGUMwx1BOlSiKLCrbz8lWLE8Fdmmo32oCdKwxB--ow7Vfs4eel2OSCBzthil2amkEaQMO2kdCggqmBh1mtFUBX-1kD163sHXVZEqojUFuj3ImB9btkdt2WB38GHNa-sc6F0GhXGSXTAERZqu8iH-jlfhVoNyydz4q0CIXvjOafXzye8ciUpIDorvlpRpbZ-w_ysMckiMSh0AzK6S7uvlLDIq-bY5JRWOc76Y-m_hbZxWs1R_c24MEvW3aLnGY9CO7CDf_ZQynmyWGLvC20SCmAdpDhTphle3vJ7AfgYE-pmKlNTrxCgvvQS2JN8Xd3vwKwM-4j_fAVU7GsA--aHhlFWSRjw5-7cJ_3qeU-3Wf0WQC-jctelKdbqoA73vf2K84sT0GFjzm54-d3xNdp0kvgTL_aNtGP7ZLWUln0ZAhVkVKtpJQX1aeozT2dyQDUbUKmfqtDLSK7P9Kx_gvB6xnBgVW4PDzlFxruuz2vvlbaHEgETI0SBq-t2EHiM-2y61LKURM7JgPXrz4UdHqy0G1o-f_5O8SkApf5-5MhPU-KfCJa0g8MsB_zVFj25jNGSCQRsihRShT5wJq3tRuF94l-uASk0HsLM0D3X3owhk9_0HxFMtYKuMYNxVcxSYinO0BvgHaJ2z0fl5IyXw5uFLxRWrS70rjzy6TITT5i80UhbQeaoXgsShO_nzLzCXrGyCnUHBgTdtkv1HFLeLqauSbwjO4W6roLAz34kgMInwVlX6LxV9JBntorCQVVxqhbe9Ppnayy_d8k8tWWr8dOaNfKNgMiA_SmQJB9CrbBwFmFKGhSlCpB54V62_iqy-oLCIfcNH0fCQkRNFe4XyJThbKqFkHDd9gswSpUxHdavFUtwNCLbb8ew-HAJTbrtb9DYjLwGkfQrq-DRAjRXhCoC8xXVOPfuqXsIcrajx88c6VWOpTr018krFe2ovjyF6sK3Vdz-V-nU3-J2P7KrlMZuY_7D7uSSSPWJBscjDw-UacmuT5o8SpQqbRFLDObjrM8eZPBZrk0I2ee9JPLYUOONNejI6RJmVSei0z3WrP93GuvvcsW17Jk0DW6PXmP_Yqdc4fGsygvvexk2PrnhoWGwFLdlCAB70c7ylzsspCX--UdMlpeUZOB7dCUGXZwEu_MeLJrmJXjEuJ-XD-LHniwFkJWXNLmoovarQ9hvFnF58nvl3wAfzV3eKM3WIaCPnJwMRi8gf2lKd44lRjqBbI-hVwmtOV7K99UdIAoB22b6zle7MeWRdXs8nFV6xMJjNNrP1zMzN-zfUEmypxW6xpCzZPzEjwdp-ArN9nZ3n7EIH1MFjOfFWzKz6WnG0As5QNUrbWOhKSn9CIGy_bGQD3v_U97-u-rvsY2Kabb0IjcUpvezG5-crMxYBul4n9-EXUwo5R_6tbK3SvEtK-awJQ2bwgYKjT9IBvS4Mhobi80F5BAiG18oDzxw7WJzbW_PkLXxHVTzxTVg0nbGbYyAb371uts5u_UZteiinEy47DFPLlT9Pv-esETH3cxVzqNPkBHdu6pj_6NUC2rg8guKkIE3bf7tMWBaV6hY_8wSBLCmW2xLSk9k1hCgHqNrwoI1fXjSC3irgOsx53oLoqRb2pq23Yh-qHKeMPLblQk7nao9r4bx9KTOMpS1krAOSiBBAlXH7udvThejT0hEr7gm_1bajGvzbfgwGaL3DHWC8p6Rjfx_opAGaBQASRY6s7EqfYD8Y2aJBwpv-JDT9j9qYCbqPRnZtXHmijnApLwU5LWysgLSylAqPkUcoZAO_ce5K3ZYM19yZsMkM-vHmNWQh7l1ewimtCgFt7BPdfPl2dKCmJW88hCZG00rl_DAB_D54LkphJAZcsChfVmSAiEtRh5K808iYBntOkk6GWrOLZNToepaXyRjqfoXoY0AKdMJqgaBQc7rOhKwBe7UYJlY2Mk__J_dJ9y_MSBg6nWKKtemwAIbV_StVhgCBa3pBRRuh1jyMZC_PvZFu5itEpGZQNC6zBkTVmBZ_Je2YBAdDWgVMxykx1ajLRacx8Scb_D5OzZszZG5kL29LtZRMCdT2OZ70Dl3eHsgUsPsrssvu6Zci4SYirOQki4yj87zo5JFTGAG8pEtYCki3JbJg9R0zl8tqA74jb9LJPSmzLy4GvFSc9GVJpPOv1sfGVcTMf_uAU-qMFZWzt_sfyv5H7wZUZdD__grw4ZG1hVuiRlt8Lo0j28qOQzxbe7ga4_h2Z3-zF1aYVda4We4WX2BpAhFVkJwnIiGzw19Gd0sROykZrjA&cid=CAASEuRoddT3G29AW31KCfkntR8YyQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impression_pixel
t.myvisualiq.net/ul_cb/ Frame 6030
Redirect Chain
  • https://t.myvisualiq.net/impression_pixel?r=1641826458267620&et=i&ago=212&ao=693&aca=26946955&si=6324608&ci=138945304&pi=323527181&ad=515887848&advt=8122568&chnl=-7&vndr=115&sz=9973&u=$$17420933_15...
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=1641826458267620&et=i&ago=212&ao=693&aca=26946955&si=6324608&ci=138945304&pi=323527181&ad=515887848&advt=8122568&chnl=-7&vndr=115&sz=9973&u=$$17420...
43 B
0
Fetch
General
Full URL
https://t.myvisualiq.net/ul_cb/impression_pixel?r=1641826458267620&et=i&ago=212&ao=693&aca=26946955&si=6324608&ci=138945304&pi=323527181&ad=515887848&advt=8122568&chnl=-7&vndr=115&sz=9973&u=$$17420933_15780589130_400469263$$&pt=i
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
Protocol
HTTP/1.1
Server
18.192.164.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-164-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 10 Jan 2022 14:54:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://t.myvisualiq.net/ul_cb/impression_pixel?r=1641826458267620&et=i&ago=212&ao=693&aca=26946955&si=6324608&ci=138945304&pi=323527181&ad=515887848&advt=8122568&chnl=-7&vndr=115&sz=9973&u=$$17420933_15780589130_400469263$$&pt=i
Date
Mon, 10 Jan 2022 14:54:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
skeleton.gif
static.adsafeprotected.com/ Frame 6030
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/903156/59280833/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=17420933&ias_pubId=pub-9579245082538784&ias_chanId=1&ias_placementId=157805...
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
43 B
483 B
Fetch
General
Full URL
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H2
Server
2600:9000:223f:ae00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
age
13559985
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
8PCO1mDXAxmv6BgorrnN3lxsyAaMEGVCRyhxUF5vj7XwDybrEcsWRw==

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
x-server-name
app10.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control
no-cache
content-length
0
server
nginx
adview
googleads.g.doubleclick.net/pagead/ Frame 6030
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CB8ImmkjcYeSqEIe6ywWAyITwA764gM9n5_KNs7IP__WQ49cCEAEgiuiLfWD9gpGE6BGgAfmfiqICyAEGqQLGaKY7twGzPqgDAaoE6AFP0KHjerpj3GLzMTlYfEJKkhjwm0rJGSChMnUjdHkMrPXeh-wIvVrw1AkVNNo1efcRjPRbNhHqP4FezvdQujN7hbD_QZ12R36EeqPbhyWlIA1abNU3kYJcTZ8AUEofYSgIz5Pq3nYCt2lrv6KIEaXy6d6Xn7dQ3VGK6o-onnlGZ_zocCZmO3PrCAylgKT0ww13svY4awOeJJaDTpAxwgw05FjxhXwyPm2dknXS906agUoJT1pv-KYAgSAMWPfkutLazsrKGC1PGCCZOMC3j4HZBU47YkfnZKEmRFMZLYkr4ScDSlNTszT9wAShzpHv6APgBAOIBcrc4uQ6kgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAfv3_XdAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcKEOC7ARiP2vq-AdIICQiA4YAQEAEYH4AKAcgLAbATiJnpDcgTnZKqCdATANgTDdgUAdAVAYAXAbIXHAoaCAASFHB1Yi05NTc5MjQ1MDgyNTM4Nzg0GAA&sigh=FWroKg4m1oY&uach_m=[UACH]&cid=CAQSOwCNIrLMq_Qdy_00PXULbQGz4HyWrRcwqDqlZ_2bY0NFWbQcTQO0FtAqnc82c69qZO4mxp_na8iZHQM5&template_id=509&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 10 Jan 2022 14:54:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame EAC7
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 10 Jan 2022 14:02:27 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3111
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2015
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 10 Jan 2022 13:26:12 GMT
expires
Tue, 11 Jan 2022 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
5286
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 6030
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Roboto:300,400,500&lang=tr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 13:52:02 GMT
x-content-type-options
nosniff
age
262936
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 07 Jan 2023 13:52:02 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 6030
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Roboto:300,400,500&lang=tr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 14:02:00 GMT
x-content-type-options
nosniff
age
521538
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 04 Jan 2023 14:02:00 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 5ABA
20 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 09:49:59 GMT
x-content-type-options
nosniff
age
450259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 09:49:59 GMT
truncated
/ Frame 6030
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80c1949158a74f51af0bfe547a89908e15bd8a975d852d49cfa7c6cdd7906289

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 85F5
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
642036a564c8fbbc2391bd6061c69967e9e244e6a4d1bfa2f3f014dc173808f8

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
OD9cwLzP3ZijpYAAdq2hcBOpLnwSi_AQ43Bfdwi2uQdAoVJtpkHtKEU6qEwW1raxrmTIhMOhkI7beUi3r5qeRacLbgl9IZs=w720-h377-rj-pd-pc0x00e9e9e9
lh4.googleusercontent.com/proxy/ Frame A8D6
95 KB
95 KB
Image
General
Full URL
https://lh4.googleusercontent.com/proxy/OD9cwLzP3ZijpYAAdq2hcBOpLnwSi_AQ43Bfdwi2uQdAoVJtpkHtKEU6qEwW1raxrmTIhMOhkI7beUi3r5qeRacLbgl9IZs=w720-h377-rj-pd-pc0x00e9e9e9
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
851c0644befc98c7f726a7b39b2306fb0a6c2412a3033aa2a77b2b32d31db23d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:32:12 GMT
x-content-type-options
nosniff
server
fife
age
1327
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96898
x-xss-protection
0
expires
Tue, 11 Jan 2022 14:32:12 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A8D6
42 B
63 B
Fetch
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5oxS44lnwCrkDMtbD3xQQeolQSa41GC3gK6qQyNQg7ocfAEoXQDS8OPptjGZfkccWa-UUTVhaF8J8o5C253W602A1QXdKqikmJCD-gNZ7niI8QHQ-sxHzCtFztknyXrSNdD8q9ukxhqWS4sVHHeJeAcqo1g&dbm_d=AKAmf-Db1BEXp2IMfukbawPOF2KQHG1yUXPiKzYbI5O7dKm85OzcDQFrR6-M0MHLjmpJLqf6h4G4FBdTgz_JJO8J3jXXgYBJj_isJlWskiw-dofo26lfNAi2hSPBUNy5j3CgtYWWO6c0Vkss8T4bqUHgPLtfj7L_onjsBdfO2-QLzJHz9iLfcJcNIL9x_FZhVTSm-ihFVSKoi899kZcxw3T5g1yA5LOz7rvbBnLM2X3rRiIext3t58g9tNtZFCQhDZcks98FmvYu_ry-8K2ohQBIRrIGMwQAD6XCS0s97Up7ipOoXHk5KagQAK3NMg9Da0qqrOqRydoE2GFpSeHOAjYU6ksblVnUgRAia4zN1Zv1unzRUt8NIyh1Inw0LGr8m87OrSZ0ttWcP6cdujumhVPNz7GGeF1Ppjb_Ff8FJFPI_xgtfonmNtotFBfrLoMYpK2iCo1IJUDheO3Heg9D0ZawHSQm42owWNqhN96i6_uZsZ8GsvkcRyeEwwDJDuqTZMtBIXcgWGzaJ8OfB7dMM_G67nsksvZNdd5QEoSZevrZBVckQNTv7fQ3U7A3MBXk8O0ScVBZ-0vq1LDMMC4jGT0Lk_CHl0DPb5fops-WXnHsNhF5uny_BzmzC92HfAM0CADtjD60v1YWfny2rGc57ek4aV2l1uoLlVWzGh1L5i7it11feWYMrfmhdPijTd8fZG9IYaLcmTb3lEGuSr35VGMrw-zyUfgjp68HiYuaj_AVIfg99LaMn6WWqWcReA2uHnMkqBnnVRbglL9X8eBuRyRlCZIAO4l4-YF2PaZ11g10YuA9tUsztArPo_BPtBuZn_ORFctK-0aJyqJC-eQbQYeZpcLMvXEL_ZqblwcEnk8dMzAcv6A_mss22C9lQFOwuX4XOUOh5KlTLRnwjnaZcRTa-lDFZW8r5s5_9MER24JobMu8Czfw51GDqL9NHMEMj2WiVMSAcRGPyWoCJMRb2gTJ4Pxoun2qh3kYA6as30xSPEttNMtTqDeNFAsHH8TgmreAzlgp9Mwm7Fs-obWiJW_54JyW4MPG4DvhA_s-kgigxsyGljS06XCpV0sQCL04iUQyZUhVOnHhWC4CI4CoYA4aGm0A1KbI5VSS0VrVWa70xlQ9LRUo1emsnoMe-yTBTdTIfEJmpwEBxBIBqJw6egI_ZFCO1mmqD86N9Z4oKogbv8vqAEUVmEbR23zkRl0TQqUK48djqWwAXitK8feqNC2OromHgupjxsoaQ9haSA77EBY12hLln_0rRLkQTV_WDxYFhepmMwtZX6dQfixwhmj2z_9GUK2ZZox2BigV0NcS7Sf4E6xDZQIGFgpJ3T5aFTDA3NXffcYioxPhIicC_Y0UUiz2VS-Vz8sK9ZM-iFDzBmCzB3kYy4G7rmiSJkGbQ_eTK2Q5IxT12dYYBUfWhvpzFmf5o9D1m7FgLmsKQOMP8NZ4ZJbm2QbuVmVQ35_UHHoYXWjSHzHCgD31dfLR8iJqzbSCvjk28QoKzlPALi6kjihB2QdXdGASU_u9wSyna6yPNiHz7E4WwBAAO30ZXBcz4NRr3z4-JXKMHL_Req4o93koZsgtrSO7YnP0RwkWeRyE8pDeQ5RlndcLScbEgbuvBpDem9j20f-1eXt0fmgxvZtYTr8W9EeD_g2eQMLaiBbsQkpbxsS2qMrb06dDSIcBn1EAFbz4wEEaVi7jfc0O5Vx89p9u13KMpW8b_5FU8RYQTww64S4bBCURMwxWOxv2QP6VuyuvnmwlKHBT2aZY1fEe7F38tAB3poX59x_0OOQ3RkPha5DzP_gjO-nFJdJVmT3A9m_vt8FumbNqXEI0C3LVKVRy1s3cKofKvjhG2m5e5xgII9otnrT2fnualSDdkxiU7wiQzsJ50ktqnyWOa2yBfeJhqcl8daqaw2PDI32Fzij9uWI_OBYd5ek2FcCdrywYZ3FA5EhYZioxHbqeh-c54OhAVZu4A9WyJ686QWprejqEK3z71pEifyu5fYzl4wFx-Cy2BKyb0Tma-HGNn5uQ4_6dztxwIeA3cYLNCkx31R4129nRJ7GPPLzI5QB5dPFmQVsXVFrQVsG-FusmoumGLU0Syv2qBerTZpR2pj5uzugUGdFxuCBluwZ4gAIDgU9JUQzct63EfJPoVVMsZalyHN4UrpOPOu-WU1PehZLDuyKuTVTDzm0mA1ARNFiwjApxzsuXDXiDQwOu7T3IAXQ-VohLZ9d-_7jjHQ9HRLkCGq_fekPr1_ASIbJsJqF300mXi_WVqqxMRaXcVeVPeCWlM2A-ZadlXl1iJSpKft9eyFs5xMjIkibV7e-lT8bA72D5w9uzMke5BVrHLV_b1tipTVCqK36svT3R8H3isQ0d92O_B1_6UPmoTNhm6MpaW1lA1-eZyV3KPKDf2xdmrZCdzAe3_UbKOXnYECmctBeyHbcduG5Rf0oeap920kI8_HCZnkPq8HCsh08oFQXvv_rM_SDGZQ4E_NbDknUTjJXhdpwLTjU1zIWyxteITOWCh0IFw8cOdH9_ji3vQmy8ljr5BTDWrCEPJaWrLmUVs5rQPICnw47xNCzivGFCRiAo5zfi2edRzFXvf3JQajvMIdTTxqtg54BlakUC_ODbOeipchuV9hmH9CSxnUKktluUJsTt8sjl2-U0VUDdr6c5BeYcSTXX6mwHrHuqyl7Mz-Nxz9yp9whQ9I8nR1w2JP3ViFYZ5j0Q7OdCqvkpB62i0-kEXsQ_1oasvHRygQP6TZxBdwozxYIKoaaKRxVi3gCCxEouUAqYjZFkBmEM-RjnU9uJEJySkuif9CmM23lrJMb-mQmRzqu5kCdTL7GQ0smhtJbH54sOhCDYNCJVDKIqylcepPoBDbFZIO8k_OffkLZ2zKTdDjLjQOH8W0MLHfJr-tKt_8ikbngg856lOQzzz6jhVqpKP4UH_xTKS3C0_PZIaUDAUq0ZX5IarW6QlbHjZflwiTYaKQa2Y-_n1jl7ql6uvfR5nW4v69j3f7KModCkDkxJ7GNughsQ0AwY4BrHtmZZoaKbfOPS7fdKHfP3a6aezTVLzFsaYAo0zHSY8O6BMHna9lxpgnIA-ogL_iDkV9tcEMAnoT3I2P1O05Z-LzgKQV2oP5tmAB3qChENdxm0g5aoK6t0&cid=CAASEuRogkjViGgE8GmUFcZbwNve-A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impression_pixel
t.myvisualiq.net/ul_cb/ Frame A8D6
Redirect Chain
  • https://t.myvisualiq.net/impression_pixel?r=1641826458246974&et=i&ago=212&ao=693&aca=26946955&si=6324608&ci=138945304&pi=323527181&ad=515887848&advt=8122568&chnl=-7&vndr=115&sz=9973&u=$$17420933_15...
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=1641826458246974&et=i&ago=212&ao=693&aca=26946955&si=6324608&ci=138945304&pi=323527181&ad=515887848&advt=8122568&chnl=-7&vndr=115&sz=9973&u=$$17420...
43 B
0
Fetch
General
Full URL
https://t.myvisualiq.net/ul_cb/impression_pixel?r=1641826458246974&et=i&ago=212&ao=693&aca=26946955&si=6324608&ci=138945304&pi=323527181&ad=515887848&advt=8122568&chnl=-7&vndr=115&sz=9973&u=$$17420933_15780589130_400469263$$&pt=i
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
Protocol
HTTP/1.1
Server
18.192.164.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-164-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 10 Jan 2022 14:54:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://t.myvisualiq.net/ul_cb/impression_pixel?r=1641826458246974&et=i&ago=212&ao=693&aca=26946955&si=6324608&ci=138945304&pi=323527181&ad=515887848&advt=8122568&chnl=-7&vndr=115&sz=9973&u=$$17420933_15780589130_400469263$$&pt=i
Date
Mon, 10 Jan 2022 14:54:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
skeleton.gif
static.adsafeprotected.com/ Frame A8D6
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/903156/59280833/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=17420933&ias_pubId=pub-9579245082538784&ias_chanId=1&ias_placementId=157805...
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
43 B
482 B
Fetch
General
Full URL
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
Protocol
H2
Server
2600:9000:223f:ae00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
age
13559985
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
kUkzFzLKmTgcR_YN2rwfm-lNr9-q2Eb5T57IaQw1_JDdKCovwBOB2A==

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
x-server-name
app13.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control
no-cache
content-length
0
server
nginx
adview
googleads.g.doubleclick.net/pagead/ Frame A8D6
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CoO4qmkjcYb6JD8qTgAfu2YjIBr64gM9n5_KNs7IP__WQ49cCEAEgiuiLfWD9gpGE6BGgAfmfiqICyAEGqQJahQ0IEACzPqgDAaoE4gFP0JfVkfYl9RvFsTe_lLkwkTrf3XL9_EAala3S2AG9ypg4i7Ar2iqT_Ty3EbqO4lf3hwpN8qev1TpCXlk6zgTPT-Po65hCjLcmfPo-HNTBSWRPKCb0EVeXOc5UcH8WtJRLm4rXFhp_EBBPrP5afi6PoPTBZmJ4N9Xc3EDVIA-W_cXZvzzCxzrSNGA4ukRI30tMqwIxoaHn7ZJyEuDnZ2SaXgUhHgMOUvwxKJT0jE14gOLry0sS12p-t44gKsOJhe7BixpSUaJEcX7TDcp9Q49SQ8bK-zZOSzDeBJTomtGSewCOwAShzpHv6APgBAOIBcrc4uQ6kgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAfv3_XdAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcKEOazARiP2vq-AdIICQiA4YAQEAEYH4AKAcgLAbATiJnpDcgTnZKqCdATANgTDdgUAdAVAYAXAbIXHAoaCAASFHB1Yi05NTc5MjQ1MDgyNTM4Nzg0GAA&sigh=Pg55V3tsMvE&uach_m=[UACH]&cid=CAQSOwCNIrLMo5-1z6Acniz1Ckf7Ga0syuSA8Cd1Df7s4ZWsAg8EkpQaUwRZ37_y2zqZFqXM5qsjRlPidwDE&template_id=509&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 10 Jan 2022 14:54:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 79E3
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 10 Jan 2022 14:02:27 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3112
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AF52
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 10 Jan 2022 13:26:12 GMT
expires
Tue, 11 Jan 2022 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
5287
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame A8D6
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6b3e55aa3333fe10cb5b557a1bd82efd49970d2094246b19bf626bfc533469b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame A8D6
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Roboto:300,400,500&lang=tr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 13:52:02 GMT
x-content-type-options
nosniff
age
262937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 07 Jan 2023 13:52:02 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame A8D6
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Roboto:300,400,500&lang=tr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 14:02:00 GMT
x-content-type-options
nosniff
age
521539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 04 Jan 2023 14:02:00 GMT
css
fonts.googleapis.com/ Frame 0F2E
14 KB
924 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Roboto:300,400,500&lang=tr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31845239723f6a0defa4a8ea86ef760282ba4b4c376b35dc162a0cdf18551856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 14:54:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 14:54:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 14:54:19 GMT
css
fonts.googleapis.com/ Frame 0F2E
14 KB
924 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Roboto:300,400,500&text=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31845239723f6a0defa4a8ea86ef760282ba4b4c376b35dc162a0cdf18551856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 14:50:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 14:54:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 14:54:19 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 0F2E
32 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56f34efe26e2bc0f086fd88f6b1a729d65bcacc04715b569117aafb39088781c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:50:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13157
x-xss-protection
0
server
cafe
etag
16738487673499282991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:50:30 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame 0F2E
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7894
x-xss-protection
0
server
cafe
etag
10405968765291005445
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:50:22 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 0F2E
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:43:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
642
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:43:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0F2E
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 10 Jan 2022 14:54:19 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 0F2E
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
server
cafe
etag
13366392639478751132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:49:04 GMT
94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
pagead2.googlesyndication.com/bg/ Frame 3A99
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=313&adk=1824446693&adf=3043856738&pi=t.aa~a.1758656982~rp.4&w=850&lmt=1641807152&nsk=688607e7&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x313&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=0&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308%2C850x312&nras=6&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=Oll19g6Z5G&p=https%3A//www.pdfindir.net&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:07:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
2813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13400
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Jan 2023 14:07:26 GMT
pixel
cm.g.doubleclick.net/ Frame 7C39
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED_lKHdhppHq0fQsNwSPrho&google_cver=1&google_push=AYg5qPJMzFCzUES7qLeEUr_4CC3N4X5fV4oBXlmPzE1gaRe1klXPFdXqZJ...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJMzFCzUES7qLeEUr_4CC3N4X5fV4oBXlmPzE1gaRe1klXPFdXqZJCTWQWANq_VvQVIrVMpaitJAsBjit4gFUdT9_VbHQ&google_hm=lxkv-X-R...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJMzFCzUES7qLeEUr_4CC3N4X5fV4oBXlmPzE1gaRe1klXPFdXqZJCTWQWANq_VvQVIrVMpaitJAsBjit4gFUdT9_VbHQ&google_hm=lxkv-X-Rw4S9j7N9UxVnww
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJMzFCzUES7qLeEUr_4CC3N4X5fV4oBXlmPzE1gaRe1klXPFdXqZJCTWQWANq_VvQVIrVMpaitJAsBjit4gFUdT9_VbHQ&google_hm=lxkv-X-Rw4S9j7N9UxVnww
pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7C39
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJ8g4iwHui4fVea015aWzRfMFtEcCRd0M7Xxm0SILjT-jx-Z7n-OblRwgLVPyLfJCVLmWIJBtQEAfDps_h77b0lAQ5mbA&google_gid=CAESEDJlQqF6GIIHJfB8B2FhVRk&googl...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJuR8Y4GEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BWWc1cVBKOGc0aXdIdWk0ZlZlYTAxNWFXelJmTUZ0RWNDUmQwTTdYeG0wU0lMalQtangtWjduLU9ibFJ3Z0xWUHlMZkpDVkxtV0lKQnRRRUFmRHBzX2...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSnFRbW9VaDdvSXFiNnYtcWpPMmF6Rm1XUXVjQmRrX1lza3JWMHUwSXpWSQ==&google_push
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSnFRbW9VaDdvSXFiNnYtcWpPMmF6Rm1XUXVjQmRrX1lza3JWMHUwSXpWSQ==&google_push
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 10 Jan 2022 14:54:19 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSnFRbW9VaDdvSXFiNnYtcWpPMmF6Rm1XUXVjQmRrX1lza3JWMHUwSXpWSQ==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7C39
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLOdJev...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMTAxNDU0MTkwMDAxMTgxNTIwMTE5Ng%3D%3D&google_push=AYg5qPLOdJevnn8LR7HDfMtvQac7oV90qu8TT4Y-YZ8zbSqIGzkWhR_YW3X8X6qKvKbUNu...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMTAxNDU0MTkwMDAxMTgxNTIwMTE5Ng%3D%3D&google_push=AYg5qPLOdJevnn8LR7HDfMtvQac7oV90qu8TT4Y-YZ8zbSqIGzkWhR_YW3X8X6qKvKbUNuAXqyWKG97is1_AXfBvX6UtUtM7oAA
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMTAxNDU0MTkwMDAxMTgxNTIwMTE5Ng%3D%3D&google_push=AYg5qPLOdJevnn8LR7HDfMtvQac7oV90qu8TT4Y-YZ8zbSqIGzkWhR_YW3X8X6qKvKbUNuAXqyWKG97is1_AXfBvX6UtUtM7oAA
pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Mon, 10 Jan 2022 14:54:19 GMT
dds
rtb.openx.net/sync/ Frame 7C39
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHPp6IhgWumCOKSXXdysZSQ&google_cver=1&google_push=AYg5qPJQ3YNI5ndl30HikkvRQL7v0Zxvss7Mq2pv-FJAjzDXMvK132naUmYDDixqQTAeGNQWIawwJas-CYqKXoSgQ3G8yecQesg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:18 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
r0golbs83tole1sfscpvdtn33r95k867
pixel
cm.g.doubleclick.net/ Frame 7C39
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPISeW9b9rhcYKutwBZbnhQfE7spyvE6r6J4bH96GRAhQSssRWno-ZB8Tbw71kILGy4w6YXVdwy9UN6pAH1JUB2z_9CYDNE
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPISeW9b9rhcYKutwBZbnhQfE7spyvE6r6J4bH96GRAhQSssRWno-ZB8Tbw71kILGy4w6YXVdwy9UN6pAH1JUB2z_9CYDNE
date
Mon, 10 Jan 2022 14:54:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 7C39
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECUgDRzqejUzFeLIXGhivVg&google_cver=1&google_push=AYg5qPLK3GBBxJp2f3xZGlL6Tvp7BDbXnv1jRqOBIIx272-rzSINTxLR2VDI5YTE4CPwDooNDB0...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaTjgtQy1JUVA2&google_push=AYg5qPLK3GBBxJp2f3xZGlL6Tvp7BDbXnv1jRqOBIIx272-rzSINTxLR2VDI5YTE4CPwDooNDB0PiENT_dZsv7rXuw4UTKzDOhc
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaTjgtQy1JUVA2&google_push=AYg5qPLK3GBBxJp2f3xZGlL6Tvp7BDbXnv1jRqOBIIx272-rzSINTxLR2VDI5YTE4CPwDooNDB0PiENT_dZsv7rXuw4UTKzDOhc
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaTjgtQy1JUVA2&google_push=AYg5qPLK3GBBxJp2f3xZGlL6Tvp7BDbXnv1jRqOBIIx272-rzSINTxLR2VDI5YTE4CPwDooNDB0PiENT_dZsv7rXuw4UTKzDOhc
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7C39
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz...
0
0

attr
cm.g.doubleclick.net/pixel/ Frame 7C39
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JOqk87tWsqHwbtDU7cpgih9i2LI51M0BPSgvboHn0_HMI4eorF-bU3MeuF6HAu8-Zz8ehB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 2015
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOKYMW6D8iv3vDZlVU_F-yA&google_cver=1&google_push=AYg5qPKDnHzKungUXH8PmCOlDS6nxBMRW8yi4BxCDE7upWVjzfzJP3Bd5l...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKDnHzKungUXH8PmCOlDS6nxBMRW8yi4BxCDE7upWVjzfzJP3Bd5lre9qPZ7v8YHRceRKrrjS5fSd80YZFbYyYulnmDLOt0&google_hm=lxkv-X...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKDnHzKungUXH8PmCOlDS6nxBMRW8yi4BxCDE7upWVjzfzJP3Bd5lre9qPZ7v8YHRceRKrrjS5fSd80YZFbYyYulnmDLOt0&google_hm=lxkv-X-Rw4S9j7N9UxVnww
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKDnHzKungUXH8PmCOlDS6nxBMRW8yi4BxCDE7upWVjzfzJP3Bd5lre9qPZ7v8YHRceRKrrjS5fSd80YZFbYyYulnmDLOt0&google_hm=lxkv-X-Rw4S9j7N9UxVnww
pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2015
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIotaMlBoyp8HmqUe_h4rPK6GHty8NV3cl3nb7...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWR4SW13QUFBYUBJNVNUOQ&google_push=AYg5qPIotaMlBoyp8HmqUe_h4rPK6GHty8NV3cl3nb7_yVstTLPZiU4n93u0CJyW_8bTWZ2YRb7YBSGhwXMb57lMGzkN66Hinpeb
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWR4SW13QUFBYUBJNVNUOQ&google_push=AYg5qPIotaMlBoyp8HmqUe_h4rPK6GHty8NV3cl3nb7_yVstTLPZiU4n93u0CJyW_8bTWZ2YRb7YBSGhwXMb57lMGzkN66Hinpeb
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWR4SW13QUFBYUBJNVNUOQ&google_push=AYg5qPIotaMlBoyp8HmqUe_h4rPK6GHty8NV3cl3nb7_yVstTLPZiU4n93u0CJyW_8bTWZ2YRb7YBSGhwXMb57lMGzkN66Hinpeb
Date
Mon, 10 Jan 2022 14:54:19 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
dds
rtb.openx.net/sync/ Frame 2015
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEBCjdHukRo3nhaUkfLHoM-I&google_cver=1&google_push=AYg5qPJ9Xe-lFpUfypbH4bPyLkPJZT_Aki3-Co9fXKTRgCeAyhOQsVcu5zp6RIuHO7BHHVOj9vQOtBnMiwEXt2q59RoB1tHt5hg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:18 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
716st91b7l80f3m20tclskcmsn7mnfc7
pixel
cm.g.doubleclick.net/ Frame 2015
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIJjMVtr59C999hhvGa9CPMQS-2VbhyJhzZquFS8mYI9idfR32VpgmXrlRsaT0Ku9Ye3AC1J9124Avqr7z3dH89l8pj9EE
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIJjMVtr59C999hhvGa9CPMQS-2VbhyJhzZquFS8mYI9idfR32VpgmXrlRsaT0Ku9Ye3AC1J9124Avqr7z3dH89l8pj9EE
date
Mon, 10 Jan 2022 14:54:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 2015
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPqBXCPaUSg4ZS2sBJB2moo&google_cver=1&google_push=AYg5qPLdCPrtdY4NJCEm0GTSSx5uQYGrJWKJUCkUKbEBqJR0R4PSAAHf_isxJwRbFigfrVzylit...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaT0ctMVktSFZPUw==&google_push=AYg5qPLdCPrtdY4NJCEm0GTSSx5uQYGrJWKJUCkUKbEBqJR0R4PSAAHf_isxJwRbFigfrVzylit1ts5ZzuOaZQcwJRhA1ohGZDV2
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaT0ctMVktSFZPUw==&google_push=AYg5qPLdCPrtdY4NJCEm0GTSSx5uQYGrJWKJUCkUKbEBqJR0R4PSAAHf_isxJwRbFigfrVzylit1ts5ZzuOaZQcwJRhA1ohGZDV2
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaT0ctMVktSFZPUw==&google_push=AYg5qPLdCPrtdY4NJCEm0GTSSx5uQYGrJWKJUCkUKbEBqJR0R4PSAAHf_isxJwRbFigfrVzylit1ts5ZzuOaZQcwJRhA1ohGZDV2
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame 2015
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFxNRxmpMhughiWqaQAXhok&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1J...
0
0

pixel
cm.g.doubleclick.net/ Frame 2015
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAkhv4do3u31nahZc50G0uM&google_cver=1&google_push=AYg5qPIPY6__95L2ckAy-_qB...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIPY6__95L2ckAy-_qBfBaKRHMqQcYwBbegTN4DAQ1xaaPU6CGFUUO7i0xNHxlurRQD8QNMUnhiM_v8k6eZNURjaEi6LPG9wA&google_hm=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIPY6__95L2ckAy-_qBfBaKRHMqQcYwBbegTN4DAQ1xaaPU6CGFUUO7i0xNHxlurRQD8QNMUnhiM_v8k6eZNURjaEi6LPG9wA&google_hm=
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIPY6__95L2ckAy-_qBfBaKRHMqQcYwBbegTN4DAQ1xaaPU6CGFUUO7i0xNHxlurRQD8QNMUnhiM_v8k6eZNURjaEi6LPG9wA&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Sun, 09 Jan 2022 14:54:19 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2015
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J78fBLTwOfIw6cXNlyDBzjyT35bN9tBfyXqUoxpJfa1mTj68FPeXalqHsSmEEDIWb1vx-r4w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame C316
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 10 Jan 2022 14:54:19 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 10 Jan 2022 14:54:19 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 10 Jan 2022 14:54:19 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
pagead2.googlesyndication.com/bg/ Frame 11BC
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=308&adk=2589179464&adf=948019352&pi=t.aa~a.872665158~rp.4&w=850&lmt=1641807152&nsk=826c57e4&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x308&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312&nras=4&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=dY9ItK8AbQ&p=https%3A//www.pdfindir.net&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:07:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
2813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13400
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Jan 2023 14:07:26 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame EAC7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1151603423&pi=t.aa~a.3504636102~rp.4&w=850&lmt=1641807152&nsk=d2552bd3&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312%2C850x312%2C850x308&nras=5&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Ncj8ztbYmJ&p=https%3A//www.pdfindir.net&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 10 Jan 2022 14:54:19 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 10 Jan 2022 14:54:19 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 10 Jan 2022 14:54:19 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
OD9cwLzP3ZijpYAAdq2hcBOpLnwSi_AQ43Bfdwi2uQdAoVJtpkHtKEU6qEwW1raxrmTIhMOhkI7beUi3r5qeRacLbgl9IZs=w720-h377-rj-pd-pc0x00e9e9e9
lh4.googleusercontent.com/proxy/ Frame 0F2E
95 KB
95 KB
Image
General
Full URL
https://lh4.googleusercontent.com/proxy/OD9cwLzP3ZijpYAAdq2hcBOpLnwSi_AQ43Bfdwi2uQdAoVJtpkHtKEU6qEwW1raxrmTIhMOhkI7beUi3r5qeRacLbgl9IZs=w720-h377-rj-pd-pc0x00e9e9e9
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
851c0644befc98c7f726a7b39b2306fb0a6c2412a3033aa2a77b2b32d31db23d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:32:12 GMT
x-content-type-options
nosniff
server
fife
age
1327
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96898
x-xss-protection
0
expires
Tue, 11 Jan 2022 14:32:12 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0F2E
42 B
63 B
Fetch
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DsFTZ_ZxfJ5tl_JDLAIs5tSE4Qd0NDpShE9aqkO88c0qWnoPP3CXAkePx8Kygr4em2SVhA0SSbj18a9RSYGxVbDv2BVAAd5WVX7NMe_MkvAhhd25d7eyAAHNOZib5aEkKo7rOneEbj5zn6xQ-6rxgqYVWEbQ&dbm_d=AKAmf-CSiGtoi4AQZ00TC28A-0FFybzTveGOlsHWyupFeW4B9aJN6pRQO6WEuIqzzey-NmKSOP1BGdvadn13DX1SfL9mkTN3ncqcPaAslS82Jjv8NvGAL3DaiKGq54UkA7HIS3q4zdArR0RwvWYv5dsScOcvzXc2YlaQ_-_3LewMKKaJsjSgXFs2c2ir9GvsDn34MmI-IfnQG1TdRe4qJCiHydguZGS9RQN5igv6MU-UACzUaOO04hoIFvBVq1SYceeXEqfyrAim3QTTnWG4aOV1Ct1HiTJh25bMts3f0Mh1tT-Y87f2ieV2YkGW8FpGx-2IfNpX_b0duKNM24nVKIhql_AT8Td9kW4XNw_1WkUrlQCk5-V5sh9PaNv5J3aAT04xuSXrfXRzUOTaXM4tCWV7PKxjhAGYbP4P8p0Da1hp6Iw_9ZqpzPBxzh_xkJAEQcZRk0z702YJ5OLjcQmSXZsRq-Hc9b4igMcrkwFUwBMAJKqIlQrzD7F4791H5qPG64FhcwW4Ry0sNMyM1AChE15MN7n4LN0EvJTOFKtT18BXB8t8H2AgHGpQM-I-BILqkINynbn4cGZnMlgvn0Ik1GoM5ne5irjpBUNkSMc5nN_Ya6ImkGrEAEBaaZuQ_XqUFI6scE8MQapKqN8Go2OrwcW655UDNVfr6pCOhxK6Y8iWwxnZ8DhDYominUSqwtt7-ePXzFuM8eHzJ2mmRmD3C-wupY3GyRuKxUez7MW7nI9mEctqTINVAJeTAqZ4salMhHK3K0STzXC-y2b3Z1fd3p3BWtUTGmQLXgLcmBgWFQ8ubH4j5ZvQxN1Oo2pBXV5oh_MhtLC30fhf67HUFe_j360aLIaik5_uFjgzYOIRBgVAafAbpruP9t0OKbQdSY0zRjSw6n0JpKOAAKcN51mi6aPFrFVTbd6uN6VWsxLYUeCOj2ZjPowkySKJFjLZgGY6uC9wwOQDmq9ySPiD8ZaY5DI0p4ajv8YVkbCCF4LoOP2aunwu3hH6dhS1B4A8EWnZY3YOuNQCmc-NTB87os675MsM6wawulAQ1bBcQDzws_Zow1BXNH6vJj8wEPo4ecxmlP8T8LFzk6uOoBqCzSZqF2WFLTfk2TqOq6ZLrUVkuIqP8Yy2i4j4wEeteDUgt7Lf4A35hC8N7u-DPqtVCl1Yw9lsvhMY2hJXbY4o5clfyWymT6BRgzvWHg4hj_eduUrEh8DiVLSB7KfLrO-NOHLK9kMCUokepQFQC2toizCZzAHivd5j5FXm8NZJVN5BTlobSPZabjCJvwkfWk03m2mlSDizJrf8pTUd6sa1yGrnzu8wMiS80viT826Rex86cwdnBNwTALdfNx1tBOty2qaM7ZlD1IqL0sqmkW6KJfQLLDZT6kxUGtV3K69MmCqlPeKVmHi3UogDjrbZ_KhWKKNItyw8jEaV7YTRwEN5FXC44AKBxhgtDZ4OI0fSqzFf5rVwXcuQSlNdBDtJ5cjmFzYHdNy59SdPuyArCxg18JaIu5fqZwTD5lUbrgX2q_qsK9s-GrBSJmh8gyQS_q99pR2qar2AiynIx-0rY5sbVQ15n6voj0foRQycKwn3bMC_Fw2gN_DQjYyEgQp65MAd-oYiqvPE8PLrA-r2XkG0oXhVkPkkJDcX99CliUwZaVAr7wKcyvZZ8K1S18UsBMddzc37yA42fwQKm8iXYfcvmw19qaqvXKSYllrWJ2WNG1UMG82SBwAkStMnhIEOqZwzGHxZJ-lCEhc6JJv_5058nE1bch_S-DkdxphSG1Iqfm5EgmwmCwkQuwgUxXU48Dq0Aon884IjQ73ZE0bNQTJrgXyKnZCeLiLJyCk8xBA-FuktM9Dg9BKnHPXXse5KQv6yYVGSb7p-5KXNTZ8il6r_r7fmIf_5F4V537NpYyB_8g2oKn_Fd84FzH9gM6BY16kLXE5BCkdWK40n7LoKUt-Cc5vgwOeRmHK2gqUHhB_3cCNASn3SkM1xDdKrWtqlXPsG42Hf3VFnAIkoYDglAcoKy_WOHNdv7vwcp7F11780v16a2l-kIQ3Uya-YVYDXG-JVymxflyN-6Mo7YXwa2ZO1URgNo3HEG7I1euK1TGNPaRXBCd-G8rxvNfvEldti01_Wjq2ObK-GUwDPTNnUE98BOPTdaz88u85aXCwcO-AMNRgClKUWerbrZsCk5WWNLdR2x72ZjIUN4ZLR-dCCzzMpSyJgpkBxb-A2jfa6AlJu8yMNIQGqWwp7NzWFfyi2pIB4pmbxc5ljZIH5XVtd7nnT50vYC_t9VktS04wSeHijLCNQN8RG_-Co-1bX9qc2mGx0buAaPEo7FgKIXSYfTridkC_YxsS_54mirXxA5D9Zw6eAW2Yq7tL_vjLgH1_8iEp2tQ5-tzVTjx378rAOqm-OscIUSGRue-5Gvh0GEPVxWRI2OLRvm4Ea0WZexh7hxJBwvBZNWcClBeBVNcuQgOaQ-eZO3cUtoRkK-zeR_HZVntGaUZV--i3K-BGZx66fnhvH6Pfdh1AJObZf6HVfW2Eh0xdFKmrhuzIMbgXJyWX-D5DJi8dAut7-otAqig53vYb6G9eMrrM3P2vg-UiLbC_wujnpk1sZZ1ybI2fndcNsS_v0uE2_5pTLtwz4nQ4csouYlQ71dHeqFtR-JOj4ps0CAlrvHocIlSFZb1XZOORFdaINsmmZXRgnayFFmIV_ErZEAMeAVovyQNWGYgngjtbAos2N5Y4GAtDNu9xKLgWPEXtp0lsoMxcLdyp_QrGqxoEei-uuzTrNvxiSLlWa7SIUxrG-MaalgenFqHNWZZiGGefXOw8DJ8XbFvnSde2WsVGqWsauGoLp6-CGoAxi_6QbOCdWB0IERXyoqxpLxqfwZbWTu2ZRA-zOTRb1SOpRZ1IXPptcVPxxvcuDBN75gnyglFwHDwbWXacY8CscCsaEnQ95KeeP3ntZ3VaB7jMYMlo0c821TcCfGH9AWHeSL65A3Sm90XX3gY5lQGPNId-C1UZ36L0iWUa0tY0ngocpFsjAhZdqgNItTev-XiKNhSFBErPxyUmFv0bQMmol0XZpiCE9WJz3BfLLHhiR5FmHCeUZ8V4UCnhnf44Z1UD_xlHv2IjURNxPb6bfW2hodiG16lQhjaOG88U4VmwOrKFg&cid=CAASEuRoc8Iv3IckNIgkWHO1JIv1kQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impression_pixel
t.myvisualiq.net/ Frame 0F2E
43 B
0
Fetch
General
Full URL
https://t.myvisualiq.net/impression_pixel?r=1641826458267545&et=i&ago=212&ao=693&aca=26946955&si=6324608&ci=138945304&pi=323527181&ad=515887848&advt=8122568&chnl=-7&vndr=115&sz=9973&u=$$17420933_15780589130_400469263$$&pt=i
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.164.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-164-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 10 Jan 2022 14:54:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
skeleton.gif
static.adsafeprotected.com/ Frame 0F2E
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/903156/59280833/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=17420933&ias_pubId=pub-9579245082538784&ias_chanId=1&ias_placementId=157805...
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
43 B
482 B
Fetch
General
Full URL
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
Protocol
H2
Server
2600:9000:223f:ae00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
age
13559985
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
gRYrZjUhDwQ6qGtLy_NmlLpEPqEKFSa-Gmt92yu6893gr0ygeQSyQg==

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
x-server-name
app18.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control
no-cache
content-length
0
server
nginx
adview
googleads.g.doubleclick.net/pagead/ Frame 0F2E
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CLmExmkjcYZmqEN6OywXM1764Cr64gM9n5_KNs7IP__WQ49cCEAEgiuiLfWD9gpGE6BGgAfmfiqICyAEGqQJahQ0IEACzPqgDAaoE4gFP0O3cH58Ep0IKRuYPoF6vU5uj0c0hMZcQMpQXbIzTvz8So-Gsx88NRb-WjBSYzleQYKhZRggcpsaSMB6wZ-3cgGTnGDECuDucrgEn6XO4n-AamY7fl_kkN8ueoGJa8DkHdm2kzUAqltBRr9VOFEQokkF5rdBmbs1fBAUvBEDcFKi0O8_XMLd0Q1Eyc2klK_nPxPph-PbyOmnoH46arfJLxnKDF-mV02N_lTkjlS4zYraQ335xje2BCFd3ikTc5bdU_03dPmDUjOZuUXvT9CkjJ0tWrmfwUjFOiV-uLmUKXN5_wAShzpHv6APgBAOIBcrc4uQ6kgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAfv3_XdAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcKEM3eARiP2vq-AdIICQiA4YAQEAEYH4AKAcgLAbATiJnpDcgTnZKqCdATANgTDdgUAdAVAYAXAbIXHAoaCAASFHB1Yi05NTc5MjQ1MDgyNTM4Nzg0GAA&sigh=0479sPf0f88&uach_m=[UACH]&cid=CAQSOwCNIrLMeR1xyKM0KDCGnwJIwr8QPgvCWUMpJMaaG1rZZUeWxyhb70YCVLJhq0kjVkdGQZKM9Dyfcz3F&template_id=509&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 10 Jan 2022 14:54:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8349
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 10 Jan 2022 14:02:27 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3112
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3579
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 10 Jan 2022 13:26:12 GMT
expires
Tue, 11 Jan 2022 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
5287
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 0F2E
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Roboto:300,400,500&lang=tr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 13:52:02 GMT
x-content-type-options
nosniff
age
262937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 07 Jan 2023 13:52:02 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0F2E
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Roboto:300,400,500&lang=tr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 14:02:00 GMT
x-content-type-options
nosniff
age
521539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 04 Jan 2023 14:02:00 GMT
pixel
cm.g.doubleclick.net/ Frame AF52
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGDEAiEcU8GEjgD5Xzfr8Uo&google_cver=1&google_push=AYg5qPI8w5TzSshE89Ej7nCenlxNOrJhKwO5gBSAQmrkPF7vSdNawznV-d...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPI8w5TzSshE89Ej7nCenlxNOrJhKwO5gBSAQmrkPF7vSdNawznV-dhSuG-O0U6hzKmTdnXLitBFnqsUsjPhtNwmWwp2z0E&google_hm=lxkv-X-...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPI8w5TzSshE89Ej7nCenlxNOrJhKwO5gBSAQmrkPF7vSdNawznV-dhSuG-O0U6hzKmTdnXLitBFnqsUsjPhtNwmWwp2z0E&google_hm=lxkv-X-Rw4S9j7N9UxVnww
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPI8w5TzSshE89Ej7nCenlxNOrJhKwO5gBSAQmrkPF7vSdNawznV-dhSuG-O0U6hzKmTdnXLitBFnqsUsjPhtNwmWwp2z0E&google_hm=lxkv-X-Rw4S9j7N9UxVnww
pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AF52
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIv8pgQW2M5aQge_7HWJcSXfhuZuaUblXnf75Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWR4SW13QUFCVC1TMnlRUA&google_push=AYg5qPIv8pgQW2M5aQge_7HWJcSXfhuZuaUblXnf75QAjI16_9j1JDpB16uTsc7JNTLEu90u6-gK8pUzavSEDa5xbZjpKUOBzmfr
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWR4SW13QUFCVC1TMnlRUA&google_push=AYg5qPIv8pgQW2M5aQge_7HWJcSXfhuZuaUblXnf75QAjI16_9j1JDpB16uTsc7JNTLEu90u6-gK8pUzavSEDa5xbZjpKUOBzmfr
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWR4SW13QUFCVC1TMnlRUA&google_push=AYg5qPIv8pgQW2M5aQge_7HWJcSXfhuZuaUblXnf75QAjI16_9j1JDpB16uTsc7JNTLEu90u6-gK8pUzavSEDa5xbZjpKUOBzmfr
Date
Mon, 10 Jan 2022 14:54:19 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame AF52
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESELL61n7L-EVNCnvttE_VTTE&google_cver=1&google_push=AYg5qPIfUp0AE8QUGBVIex-myhCmdxjKFcpXAJ_7kmaGm2tX-o6qTo_F7NjB9q3_GcBg4sOT-BwEOO2Km6pXHYjcRpjWCgqYvKs
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIfUp0AE8QUGBVIex-myhCmdxjKFcpXAJ_7kmaGm2tX-o6qTo_F7NjB9q3_GcBg4sOT-BwEOO2Km6pXHYjcRpjWCgqYvKs&google_hm=Q0FFU0VMTDYxbjdMLUVWTk...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIfUp0AE8QUGBVIex-myhCmdxjKFcpXAJ_7kmaGm2tX-o6qTo_F7NjB9q3_GcBg4sOT-BwEOO2Km6pXHYjcRpjWCgqYvKs&google_hm=Q0FFU0VMTDYxbjdMLUVWTkNudnR0RV9WVFRF
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 14:54:18 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIfUp0AE8QUGBVIex-myhCmdxjKFcpXAJ_7kmaGm2tX-o6qTo_F7NjB9q3_GcBg4sOT-BwEOO2Km6pXHYjcRpjWCgqYvKs&google_hm=Q0FFU0VMTDYxbjdMLUVWTkNudnR0RV9WVFRF
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AF52
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPK_9TQc...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMTAxNDU0MTkwMDA0MjIwMDk1MzQ0MQ%3D%3D&google_push=AYg5qPK_9TQcE6s0mI2iAyQwxK27Waj5-SXZT9YQFLu2k_TTM4yB1qjOfniP_95_V-j2hO...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMTAxNDU0MTkwMDA0MjIwMDk1MzQ0MQ%3D%3D&google_push=AYg5qPK_9TQcE6s0mI2iAyQwxK27Waj5-SXZT9YQFLu2k_TTM4yB1qjOfniP_95_V-j2hO6VY2YvG7_HH2v1zuMoIMIAWrZDSWmm
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMTAxNDU0MTkwMDA0MjIwMDk1MzQ0MQ%3D%3D&google_push=AYg5qPK_9TQcE6s0mI2iAyQwxK27Waj5-SXZT9YQFLu2k_TTM4yB1qjOfniP_95_V-j2hO6VY2YvG7_HH2v1zuMoIMIAWrZDSWmm
pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Mon, 10 Jan 2022 14:54:19 GMT
pixel
cm.g.doubleclick.net/ Frame AF52
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJMYLTARtJ81miqPhMUlgL_AI7kmpFe2nd1-Aer7JAkRA5ns4rauW-kEMBmFXBHgtBid4dEmvx8wMjV4HxNbBwG5_WmNtbW
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJMYLTARtJ81miqPhMUlgL_AI7kmpFe2nd1-Aer7JAkRA5ns4rauW-kEMBmFXBHgtBid4dEmvx8wMjV4HxNbBwG5_WmNtbW
date
Mon, 10 Jan 2022 14:54:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame AF52
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECN_WoJ4n_j20pGmYx-FR2w&google_cver=1&google_push=AYg5qPKc4WA8YymKOQ3_0qILY70PZt_sG4UKnxM-Umixl2vdhJOpZJiHedG1nq2YootoeTi3KUK...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaUE4tMTUtNzFNUA==&google_push=AYg5qPKc4WA8YymKOQ3_0qILY70PZt_sG4UKnxM-Umixl2vdhJOpZJiHedG1nq2YootoeTi3KUKIkMRC_GDvGsZeOO5T50Z0C0b0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaUE4tMTUtNzFNUA==&google_push=AYg5qPKc4WA8YymKOQ3_0qILY70PZt_sG4UKnxM-Umixl2vdhJOpZJiHedG1nq2YootoeTi3KUKIkMRC_GDvGsZeOO5T50Z0C0b0
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaUE4tMTUtNzFNUA==&google_push=AYg5qPKc4WA8YymKOQ3_0qILY70PZt_sG4UKnxM-Umixl2vdhJOpZJiHedG1nq2YootoeTi3KUKIkMRC_GDvGsZeOO5T50Z0C0b0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame AF52
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s...
0
0

attr
cm.g.doubleclick.net/pixel/ Frame AF52
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KtqXAkti0OUIFQW0BMOavvWbywe8LPNVVxk2ghBtCb1-wbOfF6TnJm6CnrUPC1_do1na2j
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 0F2E
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db008b73108bddb2365e72828d0419a36658aad86564457cd319c39cba2b3f66

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 79E3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=3789639019&pi=t.aa~a.510851516~rp.4&w=850&lmt=1641807152&nsk=cf631d28&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=1&bdt=839&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0%2C850x312&nras=3&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qORlULCZS8&p=https%3A//www.pdfindir.net&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 10 Jan 2022 14:54:19 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 10 Jan 2022 14:54:19 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 10 Jan 2022 14:54:19 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
cm.g.doubleclick.net/ Frame 3579
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEL1rhUxIHBw4gp1XbOI1iX4&google_cver=1&google_push=AYg5qPLbzRI5XXmeYZW2LvULrFyHNFgOjJ8mb8gSwUj2nneMVON4D74q1h...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLbzRI5XXmeYZW2LvULrFyHNFgOjJ8mb8gSwUj2nneMVON4D74q1hf9qUilzqLN8JXFLyHcXgaEHw53BGCTXGAkuy231yUi&google_hm=lxkv-X...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLbzRI5XXmeYZW2LvULrFyHNFgOjJ8mb8gSwUj2nneMVON4D74q1hf9qUilzqLN8JXFLyHcXgaEHw53BGCTXGAkuy231yUi&google_hm=lxkv-X-Rw4S9j7N9UxVnww
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLbzRI5XXmeYZW2LvULrFyHNFgOjJ8mb8gSwUj2nneMVON4D74q1hf9qUilzqLN8JXFLyHcXgaEHw53BGCTXGAkuy231yUi&google_hm=lxkv-X-Rw4S9j7N9UxVnww
pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3579
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKV1VdO...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMTAxNDU0MTkwMDA0MjIwMDk1MzQ0MQ%3D%3D&google_push=AYg5qPKV1VdOkAE06LzRkNB1VInt9KUbB_llzwCSJg00lO25tXwgbFSqDteTCjOFahVuu6...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMTAxNDU0MTkwMDA0MjIwMDk1MzQ0MQ%3D%3D&google_push=AYg5qPKV1VdOkAE06LzRkNB1VInt9KUbB_llzwCSJg00lO25tXwgbFSqDteTCjOFahVuu674HGYhLQB7eSRqz76D1Urjc0ksIGit
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMTAxNDU0MTkwMDA0MjIwMDk1MzQ0MQ%3D%3D&google_push=AYg5qPKV1VdOkAE06LzRkNB1VInt9KUbB_llzwCSJg00lO25tXwgbFSqDteTCjOFahVuu674HGYhLQB7eSRqz76D1Urjc0ksIGit
pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Mon, 10 Jan 2022 14:54:19 GMT
dds
rtb.openx.net/sync/ Frame 3579
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESECJV5U4vjb4oDNBfx33potY&google_cver=1&google_push=AYg5qPJAWgL8vJnFcRfcNc8GqMvFo25uRHx2Elw_aeoXCNegMgM090F2u3hiIqcxh7sz2aY5a2yCWWs7PtXullM-Q7NDDB1QrVM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
f6tmi51l8nogve58idn26ut2aitcu9s9
pixel
cm.g.doubleclick.net/ Frame 3579
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJIbSg3F5cSDg4-thdCMc0e-JjXTiWbhmrmmkzK2jtGUInHo2o0Yg_pdb-Do18Pij-mAxf-v-oXNgryt-tSKd275BmaApCM
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v9DZYF6aT-ixBUGIHKOJzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJIbSg3F5cSDg4-thdCMc0e-JjXTiWbhmrmmkzK2jtGUInHo2o0Yg_pdb-Do18Pij-mAxf-v-oXNgryt-tSKd275BmaApCM
date
Mon, 10 Jan 2022 14:54:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 3579
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAlG2fMsgixjKm0eEgKHbiI&google_cver=1&google_push=AYg5qPL9TdmUyps4375uWBorOCHrjiRt69hmG6HM0PTc_Jhco2fApJIPxHF0zHzFIYyEqr-zELD...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaVEYtMUYtMzg3VA==&google_push=AYg5qPL9TdmUyps4375uWBorOCHrjiRt69hmG6HM0PTc_Jhco2fApJIPxHF0zHzFIYyEqr-zELDyE_mGoXBQbXkMwZBAGRTG8rlz
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaVEYtMUYtMzg3VA==&google_push=AYg5qPL9TdmUyps4375uWBorOCHrjiRt69hmG6HM0PTc_Jhco2fApJIPxHF0zHzFIYyEqr-zELDyE_mGoXBQbXkMwZBAGRTG8rlz
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VDJaVEYtMUYtMzg3VA==&google_push=AYg5qPL9TdmUyps4375uWBorOCHrjiRt69hmG6HM0PTc_Jhco2fApJIPxHF0zHzFIYyEqr-zELDyE_mGoXBQbXkMwZBAGRTG8rlz
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3579
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJ...
0
0

pixel
cm.g.doubleclick.net/ Frame 3579
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENVagOSf-YnibtnL0BIOeeU&google_cver=1&google_push=AYg5qPIYMqFZoTtSnY4cK-qI...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIYMqFZoTtSnY4cK-qIzgVZ9mxU-lG2Sqb5Hi-ess7WltR5c4D8ntcN8DCIHxrc5EkLi-gOrsWdYsSfIfkpXaTqkrypvDphWA&google_hm=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIYMqFZoTtSnY4cK-qIzgVZ9mxU-lG2Sqb5Hi-ess7WltR5c4D8ntcN8DCIHxrc5EkLi-gOrsWdYsSfIfkpXaTqkrypvDphWA&google_hm=
Requested by
Host: www.pdfindir.net
URL: https://www.pdfindir.net/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIYMqFZoTtSnY4cK-qIzgVZ9mxU-lG2Sqb5Hi-ess7WltR5c4D8ntcN8DCIHxrc5EkLi-gOrsWdYsSfIfkpXaTqkrypvDphWA&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Sun, 09 Jan 2022 14:54:19 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3579
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lfjc4AbOCbJ1eq9-BrJ-YFvCfjxLmBybXN8t_NVVnkFnMQXun5FN4mk7oq6qd_ZEcyEALklw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8349
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579245082538784&output=html&h=312&adk=2462295679&adf=1072935897&pi=t.aa~a.1135665855~rp.4&w=850&lmt=1641807152&nsk=643233f1&rafmt=11&pwprc=9278932055&psa=0&ad_type=text_image&format=850x312&url=https%3A%2F%2Fwww.pdfindir.net%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826458204&bpp=2&bdt=838&idt=-M&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D631595bab229f42d-22efcc7e19cd00c7%3AT%3D1641826457%3ART%3D1641826457%3AS%3DALNI_MbGs07qjz7cXhcM4btGPRjMJagenA&prev_fmts=0x0&nras=2&correlator=4841822094056&frm=20&pv=1&ga_vid=774576690.1641826458&ga_sid=1641826458&ga_hid=1928257840&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=158&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1047719975696644&pem=413&tmod=474&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Lbf6iqhTV&p=https%3A//www.pdfindir.net&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 10 Jan 2022 14:54:19 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 10 Jan 2022 14:54:19 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 10 Jan 2022 14:54:19 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220104&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9579245082538784&plah=www.pdfindir.net&bust=31063947
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
025d8572c909591df4fe0d40f9dd4f78adb516853bfe92d0d0dda6619021fe71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 14:54:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8725
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9579245082538784&plah=www.pdfindir.net&bust=31063947
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 10 Jan 2022 14:54:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0C86
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Mon, 10 Jan 2022 14:47:18 GMT
expires
Tue, 10 Jan 2023 14:47:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
421
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B707
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fa9e7651a7860831f3d1f7d88a4f3b24083f2d881536a39655996265fd21a4bc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7pm4xihm2I7XgknWN+4u9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 10 Jan 2022 14:54:19 GMT
date
Mon, 10 Jan 2022 14:54:19 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-7pm4xihm2I7XgknWN+4u9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame B707
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220104&jk=1047719975696644&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
pagead2.googlesyndication.com/bg/ Frame 0C86
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:07:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
2813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13400
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Jan 2023 14:07:26 GMT
generate_204
tpc.googlesyndication.com/ Frame 0C86
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?412DYA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:54:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220104&jk=1047719975696644&bg=!zs2lzYnNAAbDtiZlw7Y7ACkAdvg8WtxpV1Iw6QN0lLywyAiOTHPELFve0OUbB-CuaClQpAwil7UTaAIAAABgUgAAAApoAQeZAoqZYIYqswkLS3tz3a5sh7-6SihRJr7tgkqlToZFV0wfnVlUJaqLsSzps9t1p_z_Qz9RmWoHA94kd7hXFVLAko-1Vd_ezDfB-MxnrAajDWdX1EiYqM3a6rFFukxGbN0m06QqkixNkoiQ9DlZ6glsIEJ1YbwNyqbNI9Fd8LwbhCYRtlZ0ayixxvlQoftp9hG-mdEYiJOm1CQ-ZJMR4AE3UdpazKo9a7mAXH9C4xbHFooIxZTiSJa7Tt1DVYYRgPGak99mif20WDS6mULK2Ji9Xvhk0bmRHPRtwvcWj1LQEHNVk9c-j-DpWtHtqJZotWuVxSUN2L7jrN1x-zxTrqpnVcJUctiNRPBZ96I9tJw0Rd4y_rGfQk0tbM01AYXkcZFBMNH2keOFkmwnqhQg7zZ3tR3YSG_vzE_2q9P5NHX6_R9Eb8G_2fyo3G5jUiZByf-XwnxcSrVG5np8XQxJnUzrKezHlbXZt1fugmzjBd12i-mpd6CkWIecY9dpEk2fLl31Lye71BUHbyj79TJMNRHtyutUMoIqJ0Giyu5r0Sae0lyeb_qNOQw1zwigoI6P2xfa6EDeb3XosFcRZu3uLmE3pU8XorYyep2dn9kAM164xEj9dawBGNZ0gaqvOelYxf2xuT9Fw5JaPSx7nj9RVIbr9bn1wACdSK50nb8Xbx3dFzX_CY0Mc_WYyf9vcJvHRU0UUa9PTyo_Dbe4kc0RSTZ3SdQVJ-p0FUt407H6p3zGrldhum-77yiOslXcc7btQpU7t8znHHVRmtkn-IfmwM23qc7MF2nL37OiNyhIlHAMdPhKQRpunITP9xzIaZ2nyLqgx3_8893gzC7QYCQ1RJfi9KUWJqQFqA9rI5f3eQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.pdfindir.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 14:54:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onsecuritypolicyviolation object| onslotchange object| CloudflareApps undefined| href undefined| $ function| jQuery object| generatepressMenu object| generatepressNavSearch string| GoogleAnalyticsObject function| ga object| dataLayer object| wp object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| google_tag_manager object| google_tag_data function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| google_llp number| google_lpabyc object| googletag object| GoogleGcLKhOms object| google_image_requests

30 Cookies

Domain/Path Name / Value
.pdfindir.net/ Name: _ga
Value: GA1.2.774576690.1641826458
.pdfindir.net/ Name: _gid
Value: GA1.2.168421047.1641826458
.pdfindir.net/ Name: _gat_gtag_UA_113315475_13
Value: 1
.pdfindir.net/ Name: __gads
Value: ID=631595bab229f42d-22efcc7e19cd00c7:T=1641826457:RT=1641826457:S=ALNI_MbGs07qjz7cXhcM4btGPRjMJagenA
.doubleclick.net/ Name: IDE
Value: AHWqTUlh5Gy8JL7AyELpDNnA8eetw444e_EAVILVGdbkCCZmyphOe0otJuGrFdAt4ho
.quantserve.com/ Name: d
Value: ECgBCQGVJYEA
.quantserve.com/ Name: mc
Value: 61dc489a-e9528-f46c8-b580d
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.casalemedia.com/ Name: CMID
Value: YdxIm2vX1wMLLIYmjf.TpAAA
.casalemedia.com/ Name: CMPS
Value: 238
.pubmatic.com/ Name: KADUSERCOOKIE
Value: BFD0D960-5E9A-4FE8-B105-41881CA389CE
.myvisualiq.net/ Name: c
Value: 1641826459
.myvisualiq.net/ Name: tuuid_lu
Value: 1641826459
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.casalemedia.com/ Name: CMPRO
Value: 288
.casalemedia.com/ Name: CMST
Value: YdxIm2HcSJsA
.myvisualiq.net/ Name: tuuid
Value: 8bfca39d-68c0-4552-a665-fd896978047b
.rlcdn.com/ Name: rlas3
Value: eEdTtABOJuWLCnKS2CdrCOERbBS4ZEyHB0088DE8o5M=
.doubleclick.net/ Name: DSID
Value: NO_DATA
.addthis.com/ Name: na_tc
Value: Y
.dlx.addthis.com/ Name: na_sr
Value: 20220110
.dlx.addthis.com/ Name: na_srp
Value: 3614
.rlcdn.com/ Name: pxrc
Value: CJuR8Y4GEgUI6AcQABIGCOndKhAA
.agkn.com/ Name: ab
Value: 0001%3AJQZ4nEi0YPcQIH%2F3b0GTngxNTmmQfSsZ
.agkn.com/ Name: u
Value: C|0CEApbwUbKW8FGwAAAAAAAQ13AQCAAQpAAAAAAA
.addthis.com/ Name: na_id
Value: 2022011014541900042200953441
.addthis.com/ Name: uid
Value: 61dc489b63c5538f
.addthis.com/ Name: ouid
Value: 61dc489b0001a58d4ea27ac972c83a38c9f4f56d7c6aefa18a1f
.dlx.addthis.com/ Name: na_rn
Value: 1
.dlx.addthis.com/ Name: na_sc_e
Value: 1

5 Console Messages

Source Level URL
Text
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEGUEY32pS7ZHi-5_N0tbgVc&google_cver=1&google_push=AYg5qPJIBCmBDHVkThYQgvMz3ut-mKomJDk3PdI80vxIknDws3SEg-sdr1s9MzKwA_rqY20GdNe4HPgmczyvbPHDnJp8RmyZplQ
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEOkDI94V5MuOash2u9cIDWc&google_push=AYg5qPIMPC_xWyyRRBy8TEdT2zj4Y7PV6SVhxQ6puFBuUjWSS1s9HrBWP30oOOjJE87O4CFCDbFbO-4_HJpTz2NH4k_1y_Q8hLQ&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_cver=1&google_push=AYg5qPIXP-zM1Kr4kphasVcFO1LlQhVj2B13CAqDLrs7Qbt-bAa2bl1zpDnuIxIGRIxZM_4wVs1JT3mZyWSM_aU579hwd-A7y4vI&google_gid=CAESEFxNRxmpMhughiWqaQAXhok
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEIiUBSCxQildYThJBU_8dTo&google_push=AYg5qPJCzX8wyfz-F9SY1BKJdsrfGUBJNwcvaWjlf4N5N17Lluz23RdRBKOg4hqz9IYqLGSoUgDDAhUbz_9Ze6sh3wxUb1N4aic&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdxIm2vX1wMLLIYmjf-TpAAAASAAAAAB&google_gid=CAESEPD46d5TgVOjYu8QFJPBzDk&google_cver=1&google_push=AYg5qPK8jASQE8af3oWKH7Mp1NR9Cw8H2VbYJDZA2hW2Co984bVWCAqkJz4fEN9W_GA9QV_Ii8HqKmUf_9pIJ1gOTdfLPCsJkmo
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.it
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
e.dlx.addthis.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
lh4.googleusercontent.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
static.adsafeprotected.com
stats.g.doubleclick.net
t.myvisualiq.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.pdfindir.net
cm.g.doubleclick.net
104.111.215.191
142.250.185.162
18.192.164.101
18.196.159.27
185.64.190.78
217.182.200.29
2600:9000:223f:ae00:8:48e:53c0:93a1
2606:4700:3033::ac43:aa28
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1450:4001:808::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c07::9c
2a00:1450:4019:80b::2002
34.252.163.210
35.186.253.211
35.244.174.68
52.213.167.106
69.173.144.138
025d8572c909591df4fe0d40f9dd4f78adb516853bfe92d0d0dda6619021fe71
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
059d3874da2c22ea3999d98597f4be9409eb86fc9ac533cda8daa25e475ce236
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10652fb20fd331641e95d8d55704bc4369d4b74be70734e57c0bdf38f8d0b1f7
13fc1c4371eab1db71b64c85f0670275f3b1bc27d3611b502b13c4a04a9ce73e
167068d7bba0d199936e787f2894b436443161d561254184b3a4cc3228e7df24
1727b1e62080859daba4ec290322de72a88b4bbf55c79c17863472f7fa180e2f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
29dc3a6373ebb03a28f30a60dc579dae6e63eb65eea1a7ed91f7c04f58c695ad
2ccd04123f653fd227735ccce8283aba3103d244d939f551ca99b006a6254303
31845239723f6a0defa4a8ea86ef760282ba4b4c376b35dc162a0cdf18551856
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33a3b2b4bb13ccc6ea24e09ac28cf3934212a8191289ff8e032b8a25d84997f8
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
3d8693cddca8ef95b6b06ab98ad4ae68d7c7a30aa8d781e418c28b84bfcca7cd
3fd03241da766a9997c29d6b4a2ec25478af1d6519c7f1649d04199316f39a0e
418c52e163853f7bff8f6e86ea24aa28932435ae8781ae0461cf652180464e95
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50449063ba7339aee2c8c6c488d2470a80f3384352c4f067ea1ca2a63ef5b020
552029aec3b3afc11b764f721b1593dd868d231d7c0913518002be8fdd84e9c4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56f34efe26e2bc0f086fd88f6b1a729d65bcacc04715b569117aafb39088781c
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c3941abab3df343cce4a2650f1d5720ad793024ffcbb5f5f4a6f01651cfdce4
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c912c06a5e8060f657f8d76e7cb46b9b46a23edf796e3d61cdd1bdd6b9c8305
5cc9db30289d7b3ee71c133c1898e1b7bccc685122c0014fee3c2560f2df13cc
5de929a7b252c73163110250f6da25c58372ba107d9985bd46ea982564822f2e
5fce9fae77c6a9664c6288c9752e4b7f823586753c26591ab4b6344aca85afb5
6098a07c332935e29d6bb04af46555e0eca500a91ca61b0dc2182f40b5aa0e38
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
642036a564c8fbbc2391bd6061c69967e9e244e6a4d1bfa2f3f014dc173808f8
6849c2f6dd45325e6d5761c53db3dd6ecf99158e9cf1eb3b4e35f7e4025cb5c0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567
7807d474df5f0e63d7f00a0f5c2463e3014a232dcad3f077e98bd4c1f3460e33
7996a13ba28f47d09f223e3ab1971511b8390b708862b5f05be497d644845538
7c8eb7fd8354e29e58e77290872b6e05a65404a4d16fe26996b72b6f2f606281
7d2a211d68914089f74afd974b75fcd08dd364896da46df823c7be0313e1fc46
7e545a7e4d7f69a26daa026799b6ab7caea7cfe6aa822b0038f63c14a5f69cf1
7e715fd2fbbafb54f2dd0deb107b0586d3e9a9a58dc8495feccb5d35d900a572
80c1949158a74f51af0bfe547a89908e15bd8a975d852d49cfa7c6cdd7906289
851c0644befc98c7f726a7b39b2306fb0a6c2412a3033aa2a77b2b32d31db23d
87e5e34506211c5be0d22d158c38ee0f3c16f6a7d048b074b30d9554c943ef0c
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8e659ae59f378f1a698e88c68c49e2ce620a4f848081ca4b4a54c2480030f568
8f9bb33465a25b3b67ffc235138831047715f7f49a5b68ee87a3851d300255ea
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
91c82197d183592cfb227c9e4e368e428ce9ba45444603dc7441d8ffe045e01c
92eb7f09e7360a8eab0a3b8f42c68681ca9d0dc779e670b781f776172fd8e7db
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f4e7bc09b20c73aae4a13af367da2ecfadbb1b1ff6269f52410f20efc157d29
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2cee35453c8e98f010c5ff255a05789af49e537e9801b6415a123e8d4de779c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aab51f2e752fafd723ab5e6bac1a850679b91739119c6b02203680fca367331e
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
cd148c14daa194956a07738296f8404c1662d752f34bd1f6ed7a6723dbcf4880
d4ee2e17fd09063382baa9b2909d960de8cd73c1daefb289b8ffe51f1a5a6493
d6b3e55aa3333fe10cb5b557a1bd82efd49970d2094246b19bf626bfc533469b
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
d8f2d9f31528a4c1b33f3ca79263f35c80f93daa44de261773942aaf9a34da44
db008b73108bddb2365e72828d0419a36658aad86564457cd319c39cba2b3f66
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab
e6c695066acb6aac3f955fc09e44151e98c3caea4dfec807e39142660513d39c
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
e89832d00551e4530719bb9ceeb7c1a9e35d4dbd38bf4ba627ada8966d8e4ea0
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2d2e1ae56598910e3bca988f18fad915372b452f226c5b175b4b9d5b533eb3
f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615
fa9e7651a7860831f3d1f7d88a4f3b24083f2d881536a39655996265fd21a4bc