archive.md Open in urlscan Pro
185.101.35.175 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://archive.md/wnPGe
Effective URL:
https://archive.md/wnPGe
Submission: On August 09 via manual (August 9th 2023, 4:59:19 pm UTC) from US — Scanned from DE

Summary HTTP 71 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 31 IPs in 8 countries across 17 domains to perform 71 HTTP transactions. The main IP is 185.101.35.175, located in Norway and belongs to SERVETHEWORLD-AS, NO. The main domain is archive.md.
TLS certificate: Issued by R3 on July 18th 2023. Valid for: 3 months.

This is the only time archive.md was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	185.101.35.175 185.101.35.175	34989 (SERVETHEW...) (SERVETHEWORLD-AS)
3	2606:4700:e6:... 2606:4700:e6::ac40:c41e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	99.86.160.29 99.86.160.29	16509 (AMAZON-02) (AMAZON-02)
3	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1 2	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
2	52.222.239.116 52.222.239.116	16509 (AMAZON-02) (AMAZON-02)
3	2602:803:c003... 2602:803:c003:200::44	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	23.218.210.30 23.218.210.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2602:803:c003... 2602:803:c003:200::37	26667 (RUBICONPR...) (RUBICONPROJECT)
9	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3 5	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
7 9	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:bd5b:64ca:999b:f400	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
2 3	52.95.125.22 52.95.125.22	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
71	31

11 185.101.35.175 (Norway) 1 redirects

ASN34989 (SERVETHEWORLD-AS, NO)
PTR: vps-175.35.101.185.stwvps.net

archive.md	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:c41e (United States)

ASN13335 (CLOUDFLARENET, US)

a.publir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.publir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.160.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-160-29.mxp64.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:68b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.38 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.239.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-239-116.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::44 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::37 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

widget.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.194 (Grosse Pointe, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.138 (Frankfurt am Main, Germany) 7 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:bd5b:64ca:999b:f400 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.125.22 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	criteo.net static.criteo.net — Cisco Umbrella Rank: 617 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9311 csm.eu.criteo.net — Cisco Umbrella Rank: 8962	146 KB
15	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 572 eus.rubiconproject.com — Cisco Umbrella Rank: 636 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 9202 pixel.rubiconproject.com — Cisco Umbrella Rank: 361 token.rubiconproject.com — Cisco Umbrella Rank: 632	18 KB
11	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 357 aax.amazon-adsystem.com — Cisco Umbrella Rank: 441 s.amazon-adsystem.com — Cisco Umbrella Rank: 317 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1131	69 KB
11	archive.md 1 redirects archive.md 217.114.215.132.de.stw1.279677424.pixel.archive.md Failed	453 KB
6	doubleclick.net 3 redirects ad.doubleclick.net — Cisco Umbrella Rank: 194 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	2 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8917 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10253 widget.nl3.eu.criteo.com — Cisco Umbrella Rank: 18103	58 KB
3	btloader.com 1 redirects btloader.com — Cisco Umbrella Rank: 1116 api.btloader.com — Cisco Umbrella Rank: 1172	8 KB
3	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 11077	18 KB
3	publir.com a.publir.com — Cisco Umbrella Rank: 38138 analytics.publir.com — Cisco Umbrella Rank: 40254	163 KB
2	media.net prebid.media.net — Cisco Umbrella Rank: 1373 cs.media.net — Cisco Umbrella Rank: 1558	1 KB
2	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 592 image8.pubmatic.com — Cisco Umbrella Rank: 686	151 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1192	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 245	5 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 368	652 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 465	619 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 363	265 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 221	613 B
71	17

	Domain	Requested by
11	archive.md	1 redirects archive.md
10	imageproxy.eu.criteo.net	ads.eu.criteo.com
9	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
5	pixel.rubiconproject.com	3 redirects archive.md
5	cm.g.doubleclick.net	3 redirects archive.md
4	token.rubiconproject.com	4 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	s.amazon-adsystem.com	2 redirects
3	fastlane.rubiconproject.com	a.publir.com
3	top-fwz1.mail.ru	archive.md top-fwz1.mail.ru
3	c.amazon-adsystem.com	a.publir.com c.amazon-adsystem.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	eus.rubiconproject.com	archive.md eus.rubiconproject.com
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	ad-delivery.net	archive.md
2	btloader.com	1 redirects archive.md
2	a.publir.com	archive.md a.publir.com
1	image8.pubmatic.com
1	cs.media.net
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	px.ads.linkedin.com	archive.md
1	pr-bh.ybp.yahoo.com	1 redirects
1	match.adsrvr.org	archive.md
1	widget.nl3.eu.criteo.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	beacon-ams3.rubiconproject.com	archive.md
1	ads.eu.criteo.com	archive.md
1	ib.adnxs.com	a.publir.com
1	prebid.media.net	a.publir.com
1	hbopenbid.pubmatic.com	a.publir.com
1	ad.doubleclick.net	archive.md
1	api.btloader.com	btloader.com
1	analytics.publir.com	a.publir.com
0	217.114.215.132.de.stw1.279677424.pixel.archive.md Failed	archive.md
71	34

This site contains links to these domains. Also see Links.

Domain
archive.today
buymeacoffee.com

Subject Issuer	Validity	Valid
archive.md R3	`2023-07-18` - `2023-10-16`	3 months	crt.sh
publir.com Cloudflare Inc ECC CA-3	`2023-05-17` - `2024-05-16`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2023-06-13` - `2023-09-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-07-05` - `2023-10-03`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-27` - `2023-10-22`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://archive.md/wnPGe
Frame ID: 017D095D2D7DFAB8A7C8B77573FA2574
Requests: 41 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CDG%2FwdX0ZM08rRa08gJelJbjNix6sBwp1JAUQqH104T4%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6kdvH_inYMtaHqhGjKssR9C_Y4JVQ91hnl2ga1SQbmp3tXcbsLUBV_156URg2livCWaqt-nNSGJhCsWckUyKdyXXh_0-wOF5AF9YiHjnX7UsPrbZPfG5YYXGAVGU6TmpwdHOKeZREx20nhJdscxornwoQ3kpwzxXBIJJw3BzppEk00Uqxd62FNuvwNG8sD16jUjy7YDQkUt1Wi-kRYsB4LRzIP_j17lTvJpcs_293x5OYSgddD2GHoNp9EDkq1SqEBJlm1llk0M6plVjKV5iQKxlitwLE-mMbGPxR27nOZduA3rUCiW3xP-4e8rf_Sq90Z8bLMLDp9XQuc6ke_TYjHI8NCmpM9TlQleH_DPHm9Wt38AV3DbwtotRaSnPJRVwoh2N0CRa6lH5TFGo3VlLswdGaB1_s4dBVRTpD0dFQ9hFy4rfGy51uMatXpr0ELigWwyNMrpIW2HU09liuJ4TcbqUErIzLo-R5m0KtQ5-zgsMaS-E8eSNNt9fPBx0-A-zD0yBGUkzJ7MhfGrRM8BNKkyjBIrmixG9JWxvRj3T646xiVcTg5lc58mCzFOS_5K4jQYtjph0m6v6hY6OtiFDaw9d_Gm89h381kzWKOWwcIpsHtY-AckzodI0djU6c5fk7h4rVWEqkfRV4EMNYm8HSMqVWAjf6SkTua7FeyBjlqPeg8sYac3wJlI
Frame ID: 1998F42F70C39DF34C2E56C67B7686C0
Requests: 24 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: D4E61F7A7233592776F0B2CBC727936D
Requests: 10 HTTP requests in this frame

Frame: https://beacon-ams3.rubiconproject.com/beacon/d/216317ea-a619-4644-8850-701074f0751a?oo=0&accountId=12768&siteId=418560&zoneId=2368164&sizeId=2&e=6A1E40E384DA563B2769ED4E6D152A3493FCA1511B62C55C8FC9837D8723A2DA9BAC9C4FE58EC629A9F3BE90E2EDEADEB8B520C669668569CCAED35CA6DCC0A0D93F4087E205792D3DD15F6F351E40B001B43909F57A64A61CAE38BB63A44C1AA5498B5D5F7564A988D49154BEEF64B0E03B1A86672EE03FF16F967203B1211A2B0EB095FFA6AA1111B11A28601122BC401AF2562AE880D02AED4335DF055F1B98EF7CD303639EFD15613305AD4BC5AEE667666CA57DD49B79B3AF6C816AD4133F953357335D9C9DF738081148F32D0399CCF315EE94C12BA319F16EE2829D6E28B22A51985757363A242A52F5469D6BC942B5763C4E1149AB0211E4BD21EC28DC6B49C3C93C47048E7807B90FCC424ADE46FA99A25DE5264E064621249B5A93B23915FC17692454813FAAE852E6AA88FE3AC3268CF2C48BFCD969CC94942E83B5CFF42B81DE7002A9D89284428721CF182887F19C5FC26968E69639ABA0444EC4430BE1117E0F694FF51843E10A7B499F105AE1F868079E7329B8CF1F055B30C9E09790ADACE998E3D311831FDB2C7429537A92886EE59313E0464AC349A94CF7DA397FDE4CAD656700B8A0B35260BA6383665FB17074DAEBC1D94E2303CD0F05052D9DBE3845AC0EA188FD0860949841C5A8DA81B3A2DC24C7764F6084F5AB0FF2A49A4DB32A8BA1F29BC1F6785D079A32E0114B52A99C1EA22172ED987E9FC1EF2A7D4591CF4684EBB336357368C8F54B13604ED0D655690F871D149B1E4D1EF5AADABEE42E1D4E7586B85E23B98A8548E00A5796899381624346D8FCA4CB1A627CC2974BC0F46335D97443704BF1CABE027436A3A405B3EDE26502F704078A8A0D53366E2F4F075A434EE5CC590B8E972F5FA5559453147D9C502AF466E68649E2B3D4290AF6C5141FC85F36BEE3BF1F2FA70ED999567B2A4D64771DD86C73985C4EE97A76EB23836216E145AD21BFB2CD40B00DF6E1FC023DD3E22748A33797D2FA62C261CE08714665ECC357DA3FDC2244A419959E2448C74CED5FC8F5DB9B5B46586F44A1A9A07B2B9FC011E9A6E8E0D4EAAA55C9D1FD4A2C43A3E36423B875FA6BEB8D37B796B6ADFCFE9C39C7EDE6CE5ACDFCF9F4356DF1F6E0B7C2B10B307D619F3B1B17484A0970FD32C2DDD3A35EF9E467926C2A226CC3816274DBF237A53E0BF613F3A03FB498AA00A416D0A679072065AF33625DF0B58E25F3
Frame ID: 2E9F8136FEE5A39C8AA4A7D5A60764FE
Requests: 1 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=7944&cb=64d3c5e1001ab8ce2436742a1b118fa3&r=https%3a%2f%2farchive.md%2f&crossorigin=false
Frame ID: C4F2E7075E77229D31FD657D270F757B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Contact us

Page URL History Show full URLs

http://archive.md/wnPGe HTTP 302
https://archive.md/wnPGe Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

71
Requests

87 %
HTTPS

39 %
IPv6

17
Domains

34
Subdomains

31
IPs

8
Countries

937 kB
Transfer

1876 kB
Size

15
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://archive.today/
Title: archive.todaywebpage capture

Search URL Search Domain Scan URL

URL: http://buymeacoffee.com/archive.today
Title: Kauf mir einen Kaffee

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://archive.md/wnPGe HTTP 302
https://archive.md/wnPGe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://btloader.com/tag?aax_id=AAXJ730WZ&upapi=true HTTP 302
https://btloader.com/tag?o=6249846393012224&upapi=true

Request Chain 49

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENArp7HXuZpKj-cQQh1lehc&google_cver=1

Request Chain 50

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/O6PeTSBG67DOzRQDL8xqFQ?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-oGlVTm5E2oJY_Alp3ycXtNb.Au20SUm_YyEgeQ--~A

Request Chain 51

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL3Z6ASF-K-LVO0

Request Chain 52

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=N17rS5RvRYaWRO1J9oN7EA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=N17rS5RvRYaWRO1J9oN7EA

Request Chain 53

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2NjMzViZWE5MmI1NTU5M2U0MzRiOTNhNzgxMjFkMTg1OWNjNjhkZQ

Request Chain 54

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=N-W1Q-0vQgWCAtVzyvZpNg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=N-W1Q-0vQgWCAtVzyvZpNg

Request Chain 55

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEwzWjZBU0YtSy1MVk8w HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMYYOBhzNNsywX1w7fJ082k&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEwzWjZBU0YtSy1MVk8w&google_push=

71 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request wnPGe Show response
archive.md/
Redirect Chain

http://archive.md/wnPGe
https://archive.md/wnPGe

171 KB
17 KB

1306ms
1222ms

Document
text/html

185.101.35.175
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://archive.md/wnPGe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.175 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-175.35.101.185.stwvps.net
Software: nginx /
Resource Hash: c3c305104f8a61ebe0b898da43a57798d6b7d6017675a03cf8b1ced4ff05c2f2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: maxage=300
content-encoding: gzip
content-length: 16935
content-type: text/html;charset=utf-8
date: Wed, 09 Aug 2023 16:59:13 GMT
expires: Wed, 09 Aug 2023 17:04:13 GMT
link: <http://www.hksp.net/contact-us.html>; rel="original", <http://archive.md/timegate/http://www.hksp.net/contact-us.html>; rel="timegate", <http://archive.md/timemap/http://www.hksp.net/contact-us.html>; rel="timemap"; type="application/link-format"; from="Fri, 01 Jan 2021 15:32:15 GMT"; until="Fri, 01 Jan 2021 15:32:15 GMT", <http://archive.md/20210101153215/http://www.hksp.net/contact-us.html>; rel="first last memento"; datetime="Fri, 01 Jan 2021 15:32:15 GMT"
memento-datetime: Fri, 01 Jan 2021 15:32:15 GMT
server: nginx
vary: Accept-Language

Redirect headers

Cache-Control: private, no-cache, no-store, must-revalidate, maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 09 Aug 2023 16:59:12 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://archive.md/wnPGe
Pragma: no-cache
Server: nginx/1.9.2

GET
H2 200 1100.js Show response
a.publir.com/platform/ 22 KB
6 KB 94ms
28ms Script
text/javascript 2606:4700:e6::ac40:c41e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.publir.com/platform/1100.js
Requested by: Host: archive.md
URL: https://archive.md/wnPGe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c41e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f74b9e1c79513199f1bd78ac535c05ca8e748a498f4a892ab51a9040ee557e9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
x-amz-version-id: Hzt4QCxummrfAiNhvaBVRpjmVctkEAn2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GR335K59CV0Z681F
age: 3088
cf-polished: origSize=24645
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: lqo7lfE6z5tBgVj26DeieXEMC8oD9uJXRIwMz7n7FIGOxxrNT3BbTfsZRFiqHdyA+kf+0pPYJ+c=
cf-bgj: minify
last-modified: Tue, 01 Aug 2023 16:55:08 GMT
server: cloudflare
etag: W/"51b44f15344b3b5f81a7c6930cd78b63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xo0wvRpCtQBMzyaHJxa6Oph%2B1guxn9tKc0m4q4FavMJpxs8nnx1ssAaJz3XjxMyUZcN7y7dMtgnJSqcecmJ%2Bpm2RWUYSJrV%2BwRQO9ekxXH0Uix6PCVbo1YfuSCg4%2Bq4vabFDluQCApRE0pM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7f418c60e86cbb77-FRA

GET
H2 200 6f4acd562130e391445d4ce8249913fae1129def.png
archive.md/wnPGe/ 2 KB
3 KB 46ms
45ms Image
image/png 185.101.35.175
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/wnPGe/6f4acd562130e391445d4ce8249913fae1129def.png
Requested by: Host: archive.md
URL: https://archive.md/wnPGe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.175 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-175.35.101.185.stwvps.net
Software: nginx /
Resource Hash: b9adc41090bfdb3f4953633121d5375b990158425b55d79414a8a4c1b734716b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/wnPGe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
last-modified: Sun, 07 Mar 2021 01:19:24 GMT
server: nginx
etag: 6f4acd5-6213-0e391445
content-type: image/png
access-control-allow-origin: *
cache-control: maxage=3600
accept-ranges: bytes
content-length: 2445
expires: Wed, 09 Aug 2023 17:46:58 GMT

GET x.gif
217.114.215.132.de.stw1.279677424.pixel.archive.md/ 0
0

GET
H2 200 prebid748.js Show response
a.publir.com/platform/common/ 524 KB
156 KB 44ms
44ms Script
application/javascript 2606:4700:e6::ac40:c41e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.publir.com/platform/common/prebid748.js
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/1100.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c41e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fd79269ea291d76a6d78cb1a9684c8a5b4111867321bb639a6a1460a00575ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
x-amz-version-id: ULU1Td1JOo5wy4WNkyWOZrFSI9nUxrkM
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: HR3CSGBKAMREFM46
age: 1889410
cf-polished: origSize=537784
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: nEzkUaRxtw629949/pZA8puwo+h7lGQ8bpxKyEGHwYxEjRpJ6nkDNIhpTftYwtpP+XM90l8Hcl0=
cf-bgj: minify
last-modified: Tue, 18 Jul 2023 20:08:31 GMT
server: cloudflare
etag: W/"cf761dcb45c204d96610b43cc55924af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAj9aWeBOVmaFFY%2BfumOFa3PBEJJUsA5KRN94vAx0vZD45o%2FoU93kuSz4M%2Fd7SE7ml1wSuqNDO2ZlTUI7EojfD6MczPcde9mlhaAdRmCrmc23Ch%2BGXKDhJVK4gdln%2BKPDfANYlsxhadbYh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7f418c6138d5bb77-FRA

POST
H2 200 publirPageViewTracker Show response
analytics.publir.com/ 4 B
597 B 525ms
515ms Fetch
application/json 2606:4700:e6::ac40:c41e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.publir.com/publirPageViewTracker
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/1100.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c41e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Referer: https://archive.md/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: 3d458f00-19eb-4ac7-960e-269c6e171384
x-cache: Miss from cloudfront
x-amz-apigw-id: JZvbUFzYoAMF2iA=
content-length: 4
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-amzn-trace-id: Root=1-64d3c5e1-7c6ea96a4fe6529f2998ec0d;Sampled=0;lineage=aff9ae5f:0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5rv3QUlb1DoOAJcY9ojxdzT2X%2BOr%2FYx1tQ7bVijYzLhA2iNVfjIYJeDewgBwY4SLuJoOr5ZO%2BdVPlHPbIq5fnAt%2Br2TMUlrJWZ0aLr%2BoDuGjgUHWwk1Aj2k7X4Z%2FF5G6Jmd9SjS7xh8PaOjLo80IfbpXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 7f418c6148f2bb77-FRA
x-amz-cf-id: TCK8siDcK-I8R_3qb4X7de8OneqYA8pOspj9z1H7s9qNC8v0_8kdCw==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 246 KB
60 KB 115ms
34ms Script
application/javascript 99.86.160.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/1100.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.160.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-160-29.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:49:28 GMT
content-encoding: gzip
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront), 1.1 82ded7662ff2806d716068ef52891c6a.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 19:49:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, MXP64-C2
age: 586
x-amz-server-side-encryption: AES256
etag: W/"a7247ead77dd201b1e56acf0e565194b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 4fsFyO2wD1vWG6iIWKVosuZnj05LdCY6H_OE316Fq70ZSNmfY3Jv6A==

GET
DATA 200
OK truncated
/ 783 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8591deeed80ff2f6b240bd53ae0186fb91f99227172ce770627185f23c155273

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 942 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44ad17dd9f7575456243736c32b3c59a8c5373aba00473c81c701582e9ccea20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afb7cbbcc5527f3174605e97940c1dcbd8b759835a37289434c805f1630abdfc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f54b65e5ef7387b69c8643b7cfda86eb03233e32b5c4ea8dae28aa6775acde34

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 858 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0bcda4d3e86c2bca85fc89dd3990e7f3b2272f0e20e7e03d60384a4c4103145

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 39 KB
17 KB 295ms
136ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: archive.md
URL: https://archive.md/wnPGe

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

c27f03222cd776cd45a393f9b075cf309dceb53ed63ad298d35be47d522e8e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Wed, 09 Aug 2023 16:53:26 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"64d3c486-9a07"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Wed, 09 Aug 2023 17:59:13 GMT

GET
H2 200 16d6d44b49cfd1de267f2cf22aea80ceef0131e7.png
archive.md/wnPGe/ 1 KB
1 KB 42ms
42ms Image
image/png 185.101.35.175
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/wnPGe/16d6d44b49cfd1de267f2cf22aea80ceef0131e7.png
Requested by: Host: archive.md
URL: https://archive.md/wnPGe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.175 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-175.35.101.185.stwvps.net
Software: nginx /
Resource Hash: 852161f7d281481bafd2554e0efe37b4345286f2da0c8ab41742262a0bea64cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/wnPGe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
last-modified: Sun, 07 Mar 2021 01:19:24 GMT
server: nginx
etag: 16d6d44-b49c-fd1de267
content-type: image/png
access-control-allow-origin: *
cache-control: maxage=3600
accept-ranges: bytes
content-length: 1297
expires: Wed, 09 Aug 2023 17:46:58 GMT

GET
H2 200 b964a4d1474fff501abc0ef3dd52814415f25c45.png
archive.md/wnPGe/ 27 KB
27 KB 42ms
42ms Image
image/png 185.101.35.175
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/wnPGe/b964a4d1474fff501abc0ef3dd52814415f25c45.png
Requested by: Host: archive.md
URL: https://archive.md/wnPGe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.175 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-175.35.101.185.stwvps.net
Software: nginx /
Resource Hash: bc8a3d0bfd082b5ea2c03b8ec7d696f6e72053ea32e7e2b6ec25a09eb97f0680

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/wnPGe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
last-modified: Sun, 07 Mar 2021 01:19:24 GMT
server: nginx
etag: b964a4d-1474-fff501ab
content-type: image/png
access-control-allow-origin: *
cache-control: maxage=3600
accept-ranges: bytes
content-length: 27202
expires: Wed, 09 Aug 2023 17:46:58 GMT

GET
DATA 200
OK truncated
/ 326 B
0 Image
image/bmp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/bmp

GET
H2 200 52f130dc3f8eaeb719260302aa7f52a3003e1177.png
archive.md/wnPGe/ 44 KB
45 KB 76ms
75ms Image
image/png 185.101.35.175
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/wnPGe/52f130dc3f8eaeb719260302aa7f52a3003e1177.png
Requested by: Host: archive.md
URL: https://archive.md/wnPGe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.175 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-175.35.101.185.stwvps.net
Software: nginx /
Resource Hash: b67ae999431bb4b2abe9246aa76663ebafbc64c3b3cb52aa64ee372aefb966ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/wnPGe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
last-modified: Sun, 07 Mar 2021 01:19:24 GMT
server: nginx
etag: 52f130d-c3f8-eaeb7192
content-type: image/png
access-control-allow-origin: *
cache-control: maxage=3600
accept-ranges: bytes
content-length: 45261
expires: Wed, 09 Aug 2023 17:46:58 GMT

GET
H2 200 a3b431247afc52fc578023ea684dc298abf0d68c.png
archive.md/wnPGe/ 92 KB
93 KB 77ms
75ms Image
image/png 185.101.35.175
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/wnPGe/a3b431247afc52fc578023ea684dc298abf0d68c.png
Requested by: Host: archive.md
URL: https://archive.md/wnPGe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.175 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-175.35.101.185.stwvps.net
Software: nginx /
Resource Hash: 34902ccb1aea408a0031489dbcc25da6cf50c09e277b5c0d87fe3c6c4d81023d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/wnPGe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
last-modified: Sun, 07 Mar 2021 01:19:24 GMT
server: nginx
etag: a3b4312-47af-c52fc578
content-type: image/png
access-control-allow-origin: *
cache-control: maxage=3600
accept-ranges: bytes
content-length: 94582
expires: Wed, 09 Aug 2023 17:46:58 GMT

GET
H2 200 3dd78d7fdeb0aa5472b0fab74b3bd72d4fcdf9e5.svg
archive.md/wnPGe/ 2 KB
1 KB 76ms
75ms Image
image/svg+xml 185.101.35.175
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/wnPGe/3dd78d7fdeb0aa5472b0fab74b3bd72d4fcdf9e5.svg
Requested by: Host: archive.md
URL: https://archive.md/wnPGe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.175 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-175.35.101.185.stwvps.net
Software: nginx /
Resource Hash: d14620efec83c02e8cbb8ce615e0307849765535c316ba5231ff0ede760b9cc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/wnPGe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
content-encoding: gzip
last-modified: Sun, 07 Mar 2021 01:19:24 GMT
server: nginx
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: maxage=3600
expires: Wed, 09 Aug 2023 17:46:58 GMT

GET
H2 200 e76463b6cc399976f54f90930654dd9a1256d592.png
archive.md/wnPGe/ 109 KB
110 KB 77ms
76ms Image
image/png 185.101.35.175
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/wnPGe/e76463b6cc399976f54f90930654dd9a1256d592.png
Requested by: Host: archive.md
URL: https://archive.md/wnPGe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.175 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-175.35.101.185.stwvps.net
Software: nginx /
Resource Hash: 9a1fd75fe99db309a323a8605e7f89e3dc99b84906ee0ca1f9dd3bed912866ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/wnPGe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
last-modified: Sun, 07 Mar 2021 01:19:24 GMT
server: nginx
etag: e76463b-6cc3-99976f54
content-type: image/png
access-control-allow-origin: *
cache-control: maxage=3600
accept-ranges: bytes
content-length: 111848
expires: Wed, 09 Aug 2023 17:46:58 GMT

GET
H2 200 5ea20a03e2c4a097872e574f830e7b94a0b6bfd9.png
archive.md/wnPGe/ 54 KB
54 KB 77ms
76ms Image
image/png 185.101.35.175
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/wnPGe/5ea20a03e2c4a097872e574f830e7b94a0b6bfd9.png
Requested by: Host: archive.md
URL: https://archive.md/wnPGe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.175 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-175.35.101.185.stwvps.net
Software: nginx /
Resource Hash: 77ff9526ba204b05a00796a7d35d495987635402000f6cb8da19b9ae6cca24b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/wnPGe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
last-modified: Sun, 07 Mar 2021 01:19:24 GMT
server: nginx
etag: 5ea20a0-3e2c-4a097872
content-type: image/png
access-control-allow-origin: *
cache-control: maxage=3600
accept-ranges: bytes
content-length: 55235
expires: Wed, 09 Aug 2023 17:46:58 GMT

GET
H2 200 a63ca6b1cbf73a0b182ddaff19b0357fc4c2bd89.png
archive.md/wnPGe/ 102 KB
102 KB 77ms
76ms Image
image/png 185.101.35.175
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/wnPGe/a63ca6b1cbf73a0b182ddaff19b0357fc4c2bd89.png
Requested by: Host: archive.md
URL: https://archive.md/wnPGe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.175 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-175.35.101.185.stwvps.net
Software: nginx /
Resource Hash: 6e810ffeabb73754256d3bac03325d9aee06de84c36273c6aac1bfdbbfb93a53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/wnPGe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
last-modified: Sun, 07 Mar 2021 01:19:24 GMT
server: nginx
etag: a63ca6b-1cbf-73a0b182
content-type: image/png
access-control-allow-origin: *
cache-control: maxage=3600
accept-ranges: bytes
content-length: 104098
expires: Wed, 09 Aug 2023 17:46:58 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 579 B
933 B 43ms
42ms XHR
application/json 99.86.160.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Farchive.md&pubid=24a8f0bd-cf02-44fc-8552-07652599f740
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.160.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-160-29.mxp64.r.cloudfront.net
Software: Server /
Resource Hash: 0c48fa42ed1b2777bae0d65c4173982db96d368db0c77214fdbfbed093d3d046

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 14:20:00 GMT
via: 1.1 82ded7662ff2806d716068ef52891c6a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MXP64-C2
age: 9553
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://archive.md
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 579
x-amz-cf-id: DDhwf6M6WgjUSIda_LUbEKjhOFnFg8KvCkNzvwxkeXWGI85hB0-lKQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 95ms
33ms XHR
application/javascript 99.86.160.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.160.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-160-29.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 71d15e4317f9ba4644f6c17f42ef94c8.cloudfront.net (CloudFront)
date: Wed, 09 Aug 2023 02:04:54 GMT
x-amz-cf-pop: MXP64-C2
age: 53660
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 9yIbQgOkx1m6SfTBNKEWYZhBGrH6VAcmAXXAlE9-7E2QSjFbUCdgAA==

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://btloader.com/tag?aax_id=AAXJ730WZ&upapi=true
https://btloader.com/tag?o=6249846393012224&upapi=true

16 KB
7 KB

29ms
29ms

Script
application/javascript

2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=6249846393012224&upapi=true
Requested by: Host: archive.md
URL: https://archive.md/wnPGe
Protocol: H2
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e544354a251bfc131782d1e7ce5efcdf5ba7625efe20744d4069fe5e6a55485

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Aug 2023 16:40:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 993
etag: W/"ff67401f66aefb78f5884f869f988def"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYly5xwR0iD9oU6okgn4rxB7r2Do%2B3O%2FuuxNqPI%2B1sNNya4qzHvkCpQwfAQ8WQL8O632Jkylkx48yrNhQtLxR%2BhVoQTCW9kGEpaEkCrNR9KCkxFXMrY%2BhDTs6xs20u8%2FMV8%2B%2F6I%2BC4%2FbIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7f418c631b451cc3-FRA

Redirect headers

date: Wed, 09 Aug 2023 16:59:13 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 103
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQfrGq1bRkK8IFlMTHlDHFb3e0bBO8%2Bnc2XuBVaWrXLby%2Bd5d0iRwOohvKdecKIK39tSLh9HEp%2BCsNq8n4S03mufQR3j25sKVJ%2FrY6lvaKTRNDQw8sQ5Gvq6kiAuNKOEci2cQId2724nbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=6249846393012224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7f418c62eaf81cc3-FRA

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
996 B 69ms
68ms Ping
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2825109;u=https%3A//archive.md/wnPGe;st=1691600353501;title=Contact%20us;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d902c2e8a6b15bcb;ver=60.3.0;tz=-120%2FEurope%2FBerlin;ni=9.4//4g/0/0/;lvid=1691600353787%3A1691600353806%3A1%3A07f031be30a8329a1dbee74d9cb56c33;visible=true;_=0.1474857469648736

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://archive.md/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://archive.md
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://archive.md
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: https://archive.md
access-control-allow-headers: *

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 187ms
134ms Fetch 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAXJ730WZ&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 09 Aug 2023 16:59:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
931 B 75ms
28ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: archive.md
URL: https://archive.md/wnPGe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2385242
x-guploader-uploadid: ADPycds86VGkQvTN70_VFuS2NtjQ6HX8J5fMpsyc-NuzCY_wKYDsgJV661e5YshSsNBnUOz2dDMsMjzSdvSvX1Pfp_NGAQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnICPM21QuX6gq0Ye8yrGDwCVG9q3QR0Pq%2F67kqdHlFWOsx42dl8e2sg%2FRS2dNh5Yz9DcM4t3BI6hg4KH75MkR%2FgB4wai3DMIDVCSM3hYxUr%2FwqK159XtZImjNPegxhOH9NIkFZDQeJUJfG7xw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7f418c63ad93372f-FRA
expires: Thu, 13 Jul 2023 03:02:35 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 91ms
23ms Image
image/x-icon 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: archive.md
URL: https://archive.md/wnPGe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 05:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39818
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 05:55:35 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
341 B 76ms
29ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.9349996123432012
Requested by: Host: archive.md
URL: https://archive.md/wnPGe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2385242
x-guploader-uploadid: ADPycds86VGkQvTN70_VFuS2NtjQ6HX8J5fMpsyc-NuzCY_wKYDsgJV661e5YshSsNBnUOz2dDMsMjzSdvSvX1Pfp_NGAQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DE0Dopvuyl46zOXwJgk3gPtvX4l05934E5okx6B%2BQ4lWSy6%2FJYz63MCXxk%2FxD497lQtxgJItMLo%2BNEMCAVIyw8GcNFAHUNH3uDtIG3SbOhihaJUhhkxsJSNHwMYwwdr5fvMuLIOl74cVxVvMKw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7f418c63ad97372f-FRA
expires: Thu, 13 Jul 2023 03:02:35 GMT

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2224a8f0bd-cf02-44fc-8552-07652599f740%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
416 B 140ms
49ms Fetch
image/gif 52.222.239.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2224a8f0bd-cf02-44fc-8552-07652599f740%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Farchive.md%252FwnPGe%22%2C%22lv%22%3A%2223.725.1446%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.239.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-239-116.fra56.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/wnPGe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 16:59:14 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P4
x-amz-rid: 9MP86YR7DH7C059DMPHW
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: hifEjyjRKsZjsW7F_k-uEv_zuTTx-ZKoU9kmRBsiIP052e9vfyqDOQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
458 B 143ms
58ms XHR
text/javascript 52.222.239.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Farchive.md%2FwnPGe&pid=w28D3eaAVzcmy&cb=0&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22div-hre-Archive-Today-581%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22hre_Archive_Today_581%22%7D%2C%7B%22sd%22%3A%22div-hre-Archive-Today-582%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22hre_Archive_Today_582%22%7D%2C%7B%22sd%22%3A%22div-hre-Archive-Today-583%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22hre_Archive_Today_583%22%7D%5D&schain=1.0%2C1!publir.com%2C97921100%2C1%2C%2C%2C&pubid=24a8f0bd-cf02-44fc-8552-07652599f740&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.239.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-239-116.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:14 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P4
x-amz-rid: CCJWWPR8RM109X081E5K
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://archive.md
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: SqAxO_tUM7VIDzvTydoJ87t9mpdV9029gsc9HcsjDV-r7KP9O9CSXA==

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 337 B
678 B 286ms
145ms XHR
application/json 2602:803:c003:200::44
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=418560&zone_id=2368166&size_id=9&rp_schain=1.0,1!publir.com,97921100,1,,,&rf=https%3A%2F%2Farchive.md%2FwnPGe&tg_i.domain=archive.md&tg_i.page=https%3A%2F%2Farchive.md%2FwnPGe&tg_i.pbadslot=div-hre-Archive-Today-581&tk_flint=pbjs_lite_v7.48.0&x_source.tid=27b80e65-c406-4e7d-a7fe-db36f1cec7af&l_pb_bid_id=2c617ea739369f&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=27b80e65-c406-4e7d-a7fe-db36f1cec7af&rp_maxbids=1&slots=1&rand=0.7968242751550796
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid748.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f8207e1f6d0d37425bbb866d1b448054885f3af2a442f3872c45ab9d1c316a2a

Request headers

Referer: https://archive.md/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 16:59:14 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://archive.md
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 337
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 337 B
849 B 249ms
109ms XHR
application/json 2602:803:c003:200::44
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=418560&zone_id=2368168&size_id=9&rp_schain=1.0,1!publir.com,97921100,1,,,&rf=https%3A%2F%2Farchive.md%2FwnPGe&tg_i.domain=archive.md&tg_i.page=https%3A%2F%2Farchive.md%2FwnPGe&tg_i.pbadslot=div-hre-Archive-Today-582&tk_flint=pbjs_lite_v7.48.0&x_source.tid=1b42723f-c384-4f17-b538-884e0f673b39&l_pb_bid_id=35962a8d208296&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=1b42723f-c384-4f17-b538-884e0f673b39&rp_maxbids=1&slots=1&rand=0.6696854682533118
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid748.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 54377a809d71ab5c6204fb9bc0ccaafcf5118444b33efb4b831db35871224d96

Request headers

Referer: https://archive.md/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 16:59:14 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://archive.md
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 337
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 297ms
157ms XHR
application/json 2602:803:c003:200::44
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=418560&zone_id=2368164&size_id=2&rp_schain=1.0,1!publir.com,97921100,1,,,&rf=https%3A%2F%2Farchive.md%2FwnPGe&tg_i.domain=archive.md&tg_i.page=https%3A%2F%2Farchive.md%2FwnPGe&tg_i.pbadslot=div-hre-Archive-Today-583&tk_flint=pbjs_lite_v7.48.0&x_source.tid=d5b5e200-b21f-4bfe-a9ef-3e29d287995e&l_pb_bid_id=41bf63b09066c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d5b5e200-b21f-4bfe-a9ef-3e29d287995e&rp_maxbids=1&slots=1&rand=0.1773729687052834
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid748.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 02de161c54e7acb4133b22fd985f5cb6a320baffd758b7f5da99e722c60e32f7

Request headers

Referer: https://archive.md/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 16:59:14 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://archive.md
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
109 B 105ms
28ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid748.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://archive.md/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://archive.md
date: Wed, 09 Aug 2023 16:59:12 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
598 B 89ms
38ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU94KNQI
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid748.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 493eaab795c171dac333a8a7d6254c883f911b810cf2ae1d05d492a162700650

Request headers

Referer: https://archive.md/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 16:59:14 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://archive.md
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Wed, 09 Aug 2023 16:59:14 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 53 B
613 B 117ms
41ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid748.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://archive.md/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 16:59:14 GMT
an-x-request-uuid: 7135c4d4-cf35-4791-bb34-09a847aebc48
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://archive.md
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 53
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
908 B 69ms
69ms Ping
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2825109;u=https%3A//archive.md/wnPGe;st=1691600353501;title=Contact%20us;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d902c2e8a6b15bcb;ver=60.3.0;tz=-120%2FEurope%2FBerlin;nt=0/0/1691600351863/////188/189/189/189/272/229/273/1495/1536/1497/1638/1638/1638/2042/2042/2078;ni=9.4//4g/0/0/;lvid=1691600353787%3A1691600353942%3A2%3A07f031be30a8329a1dbee74d9cb56c33;visible=true;_=0.8179002308616294;e=RT/load;et=1691600353941

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://archive.md/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://archive.md
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://archive.md
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: https://archive.md
access-control-allow-headers: *

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 1998 203 KB
57 KB 217ms
122ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CDG%2FwdX0ZM08rRa08gJelJbjNix6sBwp1JAUQqH104T4%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6kdvH_inYMtaHqhGjKssR9C_Y4JVQ91hnl2ga1SQbmp3tXcbsLUBV_156URg2livCWaqt-nNSGJhCsWckUyKdyXXh_0-wOF5AF9YiHjnX7UsPrbZPfG5YYXGAVGU6TmpwdHOKeZREx20nhJdscxornwoQ3kpwzxXBIJJw3BzppEk00Uqxd62FNuvwNG8sD16jUjy7YDQkUt1Wi-kRYsB4LRzIP_j17lTvJpcs_293x5OYSgddD2GHoNp9EDkq1SqEBJlm1llk0M6plVjKV5iQKxlitwLE-mMbGPxR27nOZduA3rUCiW3xP-4e8rf_Sq90Z8bLMLDp9XQuc6ke_TYjHI8NCmpM9TlQleH_DPHm9Wt38AV3DbwtotRaSnPJRVwoh2N0CRa6lH5TFGo3VlLswdGaB1_s4dBVRTpD0dFQ9hFy4rfGy51uMatXpr0ELigWwyNMrpIW2HU09liuJ4TcbqUErIzLo-R5m0KtQ5-zgsMaS-E8eSNNt9fPBx0-A-zD0yBGUkzJ7MhfGrRM8BNKkyjBIrmixG9JWxvRj3T646xiVcTg5lc58mCzFOS_5K4jQYtjph0m6v6hY6OtiFDaw9d_Gm89h381kzWKOWwcIpsHtY-AckzodI0djU6c5fk7h4rVWEqkfRV4EMNYm8HSMqVWAjf6SkTua7FeyBjlqPeg8sYac3wJlI

Requested by

Host: archive.md
URL: https://archive.md/wnPGe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

882a0c5480dcfc586bbed3b4e1ab393c91f7d399c7d3415e0a986f9a18320936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://archive.md/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 09 Aug 2023 16:59:13 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=W2SzHHFAFxD70F2_fMoStQgVoITKKwo9AZhm9jIDiRkIiRdSREdrzxbbRIEc23ogC_2e2pZzjaMEYdOexCQTPafXWEpU2xQ8tfiWx0vChIHDbi22QoCZTbt_prCuQyy4Yd3Pyd5ceX-Mwa2BEnvmuGW3h6FCKSIvMyBCETLqZotkzpgzPQGtUltwI-urr1YGWJPj9KTVe9p0mlHreS1pqRDI1opClUvjq4Tv-BEoAd5w2ICN9A3pEtb4Sqbh3UOH_Vx6zg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 86718046
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D4E6 281 B
554 B 90ms
36ms Document
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: archive.md
URL: https://archive.md/wnPGe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://archive.md/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Aug 2023 16:59:14 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 216317ea-a619-4644-8850-701074f0751a
beacon-ams3.rubiconproject.com/beacon/d/ Frame 2E9F 43 B
227 B 142ms
29ms Image
image/avif 2602:803:c003:200::37
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/216317ea-a619-4644-8850-701074f0751a?oo=0&accountId=12768&siteId=418560&zoneId=2368164&sizeId=2&e=6A1E40E384DA563B2769ED4E6D152A3493FCA1511B62C55C8FC9837D8723A2DA9BAC9C4FE58EC629A9F3BE90E2EDEADEB8B520C669668569CCAED35CA6DCC0A0D93F4087E205792D3DD15F6F351E40B001B43909F57A64A61CAE38BB63A44C1AA5498B5D5F7564A988D49154BEEF64B0E03B1A86672EE03FF16F967203B1211A2B0EB095FFA6AA1111B11A28601122BC401AF2562AE880D02AED4335DF055F1B98EF7CD303639EFD15613305AD4BC5AEE667666CA57DD49B79B3AF6C816AD4133F953357335D9C9DF738081148F32D0399CCF315EE94C12BA319F16EE2829D6E28B22A51985757363A242A52F5469D6BC942B5763C4E1149AB0211E4BD21EC28DC6B49C3C93C47048E7807B90FCC424ADE46FA99A25DE5264E064621249B5A93B23915FC17692454813FAAE852E6AA88FE3AC3268CF2C48BFCD969CC94942E83B5CFF42B81DE7002A9D89284428721CF182887F19C5FC26968E69639ABA0444EC4430BE1117E0F694FF51843E10A7B499F105AE1F868079E7329B8CF1F055B30C9E09790ADACE998E3D311831FDB2C7429537A92886EE59313E0464AC349A94CF7DA397FDE4CAD656700B8A0B35260BA6383665FB17074DAEBC1D94E2303CD0F05052D9DBE3845AC0EA188FD0860949841C5A8DA81B3A2DC24C7764F6084F5AB0FF2A49A4DB32A8BA1F29BC1F6785D079A32E0114B52A99C1EA22172ED987E9FC1EF2A7D4591CF4684EBB336357368C8F54B13604ED0D655690F871D149B1E4D1EF5AADABEE42E1D4E7586B85E23B98A8548E00A5796899381624346D8FCA4CB1A627CC2974BC0F46335D97443704BF1CABE027436A3A405B3EDE26502F704078A8A0D53366E2F4F075A434EE5CC590B8E972F5FA5559453147D9C502AF466E68649E2B3D4290AF6C5141FC85F36BEE3BF1F2FA70ED999567B2A4D64771DD86C73985C4EE97A76EB23836216E145AD21BFB2CD40B00DF6E1FC023DD3E22748A33797D2FA62C261CE08714665ECC357DA3FDC2244A419959E2448C74CED5FC8F5DB9B5B46586F44A1A9A07B2B9FC011E9A6E8E0D4EAAA55C9D1FD4A2C43A3E36423B875FA6BEB8D37B796B6ADFCFE9C39C7EDE6CE5ACDFCF9F4356DF1F6E0B7C2B10B307D619F3B1B17484A0970FD32C2DDD3A35EF9E467926C2A226CC3816274DBF237A53E0BF613F3A03FB498AA00A416D0A679072065AF33625DF0B58E25F3

Requested by

Host: archive.md
URL: https://archive.md/wnPGe

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::37 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 16:59:14 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D4E6 34 KB
10 KB 23ms
22ms Script
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d303cbe6653b64072cb969d7307cb70bc416509a320bb8ee582757634b5f8de9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 16:59:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Aug 2023 20:28:29 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12568
Connection: keep-alive
Content-Length: 10116
Expires: Wed, 09 Aug 2023 20:28:42 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1998 2 KB
1 KB 119ms
42ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CDG%2FwdX0ZM08rRa08gJelJbjNix6sBwp1JAUQqH104T4%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6kdvH_inYMtaHqhGjKssR9C_Y4JVQ91hnl2ga1SQbmp3tXcbsLUBV_156URg2livCWaqt-nNSGJhCsWckUyKdyXXh_0-wOF5AF9YiHjnX7UsPrbZPfG5YYXGAVGU6TmpwdHOKeZREx20nhJdscxornwoQ3kpwzxXBIJJw3BzppEk00Uqxd62FNuvwNG8sD16jUjy7YDQkUt1Wi-kRYsB4LRzIP_j17lTvJpcs_293x5OYSgddD2GHoNp9EDkq1SqEBJlm1llk0M6plVjKV5iQKxlitwLE-mMbGPxR27nOZduA3rUCiW3xP-4e8rf_Sq90Z8bLMLDp9XQuc6ke_TYjHI8NCmpM9TlQleH_DPHm9Wt38AV3DbwtotRaSnPJRVwoh2N0CRa6lH5TFGo3VlLswdGaB1_s4dBVRTpD0dFQ9hFy4rfGy51uMatXpr0ELigWwyNMrpIW2HU09liuJ4TcbqUErIzLo-R5m0KtQ5-zgsMaS-E8eSNNt9fPBx0-A-zD0yBGUkzJ7MhfGrRM8BNKkyjBIrmixG9JWxvRj3T646xiVcTg5lc58mCzFOS_5K4jQYtjph0m6v6hY6OtiFDaw9d_Gm89h381kzWKOWwcIpsHtY-AckzodI0djU6c5fk7h4rVWEqkfRV4EMNYm8HSMqVWAjf6SkTua7FeyBjlqPeg8sYac3wJlI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Aug 2024 16:59:14 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1998 2 KB
1 KB 112ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Aug 2024 16:59:14 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1998 308 B
636 B 121ms
44ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 03 Aug 2024 16:59:14 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 1998 293 B
621 B 119ms
43ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 03 Aug 2024 16:59:14 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 1998 43 B
348 B 112ms
29ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=MMNWLT3hiOjQljeq5p1vZE6dSnmDUEpoOx7QTKauXEjX4LKb8LPqeT1MHk09iR4-iYWORmRd77wafkdqNoOA9gIkJoM0yfYSr-RHGDOrA2LdoKcwZej4WlADCaKHAG2nRfR3KInkQjMKshMpcJyS9O8AqvewdddY4J58vzb1fpf_PFch7J9RkhRw6y_2D9PG6KR8IP_E07FpUJVAD1EjhFQ7lLE2UU3RepO9jvQPASQMIs9kX9awSBqIXuv3nNKZMt0dspNhFKgu7N8G1HPATQzn3ywK0mMxw3bxl0AXuDaqsMH-VK5fTQG8G-W3lEKd8Hd5e3yuJ41GcWJnA9DL5h4CKEoOk3mOykmKGzANEamKWQJxtOhp98KUolzH12RAad4cZI_DTQAPeCW9yHpKql4Kgmp7lWZgFFektaSKN4UXTQXUNFc8BxicuoPNG45W4sgo2wMhO6hAq7HCi2P0qmiMZ9o

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 16:59:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1983728
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dis.aspx Show response
widget.nl3.eu.criteo.com/dis/ Frame C4F2 28 B
472 B 105ms
33ms Document
text/html 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=7944&cb=64d3c5e1001ab8ce2436742a1b118fa3&r=https%3a%2f%2farchive.md%2f&crossorigin=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Wed, 09 Aug 2023 16:59:13 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1009537
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame D4E6 70 B
265 B 159ms
45ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: archive.md
URL: https://archive.md/wnPGe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 09 Aug 2023 16:59:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame D4E6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENArp7HXuZpKj-cQQh1lehc&google_cver=1

0
239 B

102ms
23ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENArp7HXuZpKj-cQQh1lehc&google_cver=1
Requested by: Host: archive.md
URL: https://archive.md/wnPGe
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 09 Aug 2023 16:59:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENArp7HXuZpKj-cQQh1lehc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame D4E6
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/O6PeTSBG67DOzRQDL8xqFQ?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-oGlVTm5E2oJY_Alp3ycXtNb.Au20SUm_YyEgeQ--~A

0
239 B

23ms
23ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-oGlVTm5E2oJY_Alp3ycXtNb.Au20SUm_YyEgeQ--~A
Requested by: Host: archive.md
URL: https://archive.md/wnPGe
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 09 Aug 2023 16:59:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-oGlVTm5E2oJY_Alp3ycXtNb.Au20SUm_YyEgeQ--~A
content-length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame D4E6
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL3Z6ASF-K-LVO0

0
652 B

183ms
134ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL3Z6ASF-K-LVO0
Requested by: Host: archive.md
URL: https://archive.md/wnPGe
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:14 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7728EA4422DD44BCB8075A882B2B0EA7 Ref B: FRAEDGE1711 Ref C: 2023-08-09T16:59:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYCgGY+xYtMa3g7zSFf0Q==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL3Z6ASF-K-LVO0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame D4E6
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=N17rS5RvRYaWRO1J9oN7EA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=N17rS5RvRYaWRO1J9oN7EA

43 B
479 B

111ms
111ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=N17rS5RvRYaWRO1J9oN7EA

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Aug 2023 16:59:15 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XVWJYKW57Z37YCFN0M0V
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=N17rS5RvRYaWRO1J9oN7EA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D4E6
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2NjMzViZWE5MmI1NTU5M2U0MzRiOTNhNzgxMjFkMTg1OWNjNjhkZQ

170 B
243 B

30ms
30ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2NjMzViZWE5MmI1NTU5M2U0MzRiOTNhNzgxMjFkMTg1OWNjNjhkZQ

Requested by

Host: archive.md
URL: https://archive.md/wnPGe

Protocol

Server

142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 16:59:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2NjMzViZWE5MmI1NTU5M2U0MzRiOTNhNzgxMjFkMTg1OWNjNjhkZQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame D4E6
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=N-W1Q-0vQgWCAtVzyvZpNg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=N-W1Q-0vQgWCAtVzyvZpNg

43 B
479 B

53ms
52ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=N-W1Q-0vQgWCAtVzyvZpNg

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Aug 2023 16:59:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7SAB6M4HJ68DGFB0HGXZ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=N-W1Q-0vQgWCAtVzyvZpNg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D4E6
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEwzWjZBU0YtSy1MVk8w
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMYYOBhzNNsywX1w7fJ082k&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEwzWjZBU0YtSy1MVk8w&google_push=

170 B
188 B

31ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEwzWjZBU0YtSy1MVk8w&google_push=

Requested by

Host: archive.md
URL: https://archive.md/wnPGe

Protocol

Server

142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 16:59:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEwzWjZBU0YtSy1MVk8w&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1998 12 KB
5 KB 79ms
29ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 171214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7312c2Upt8Gc82JDwba6SZGH5738GUib11suawWYyNJ0o4rCXTEfU1Qn5Y6ctr1xEVZHY%2FPeQPMqExMWqCG%2FG%2BL9xyDBvRiyy6sEfus0L9KKM9JLeQcsE1mDgh9pXkoVRgi4nZEyZWBEtX0cxH6x9mf%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f418c680b0a1907-FRA
expires: Mon, 29 Jul 2024 16:59:14 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1998 12 KB
6 KB 53ms
41ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Aug 2024 16:59:14 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1998 15 KB
15 KB 212ms
114ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=41274&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F41274%2F181121%2Fee4e3a068c914c8888c2a3d4c9a20fdd_logo.png&v=3&w=256&s=oExHv-7wdSxW5ewF1NJ9n5M0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

07f4a2ba87c0eef4920ffe5476101bc8e25d7356f28cdeb971f5e6197833e4b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 15170
expires: Tue, 30 Jul 2024 03:36:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1998 8 KB
8 KB 135ms
37ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=41274&q=80&r=0&u=https%3A%2F%2Fcdn.witt.info%2Fimages%2Fe322b6464af9d54d0346a7056f2dcf75.jpg&v=3&w=800&s=yNIOWRMdyukmn03KuAx8TZ7c&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7bb16905633713d72955960ee3312dd19d4861ee7141bb7eb8e5b9b59af54d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 7942
expires: Wed, 09 Aug 2023 18:31:39 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1998 9 KB
9 KB 159ms
62ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=41274&q=80&r=0&u=https%3A%2F%2Fcdn.witt.info%2Fimages%2F5a5f77ebc6b06670e421adb26fa80822.jpg&v=3&w=800&s=vvPiOo8GulTUa44hk3X_MgwE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d90bddf2a2e21652bab5d90889388a00e3ae528a88dd8d8aa76fe510108fa225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 9302
expires: Thu, 10 Aug 2023 02:02:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1998 7 KB
7 KB 180ms
83ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=41274&q=80&r=0&u=https%3A%2F%2Fcdn.witt.info%2Fimages%2Ffe3ba017ff995f307d089a381318d4a4.jpg&v=3&w=800&s=vDIVY805hAeYIOrV88tibJGo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

99c11db2ff5d7863cdd20e7ea835ad069fe47a6dfeb38e47d40a1bc8e8296949

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 7414
expires: Wed, 09 Aug 2023 19:12:41 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1998 16 KB
16 KB 176ms
79ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=41274&q=80&r=0&u=https%3A%2F%2Fcdn.witt.info%2Fimages%2F41930d3f4d073746db8b70505f2d9292.jpg&v=3&w=800&s=GeC5ohEcNycDR09xsxCMyD5a&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0dd98a1282467febe4367a87bc7d2c5c5e05ce23edc9e578a574992aed12ba39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 16122
expires: Wed, 09 Aug 2023 18:44:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1998 9 KB
10 KB 190ms
94ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=41274&q=80&r=0&u=https%3A%2F%2Fcdn.witt.info%2Fimages%2F721ff55840c287b89a614021701c6001.jpg&v=3&w=800&s=hkxJd-mJ7BfZ9-IdkFVQaLRz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

92f5f18bdae2fb0a06a69c6eb05c4f904465c36eed5273590920a6df60e936cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 9710
expires: Wed, 09 Aug 2023 20:40:28 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1998 10 KB
10 KB 80ms
79ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=41274&q=80&r=0&u=https%3A%2F%2Fcdn.witt.info%2Fimages%2F2088d28824a25de9658d74e62887b3be.jpg&v=3&w=800&s=ikVQtd8t1lU63cOY-Qhv9UvA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

37190fe0b20799e4dc0cee074e827d499211534bd3e78fabedb37126c2550688

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 10194
expires: Wed, 09 Aug 2023 19:11:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1998 23 KB
23 KB 91ms
89ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=41274&q=80&r=0&u=https%3A%2F%2Fcdn.witt.info%2Fimages%2F418a134fa3c3926606fe3e9b16cb949d.jpg&v=3&w=800&s=nfsevmv64Vo9u2bCXRPsaK-T&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ea9b81d2288c3fb03dd271e0f8e68a9059bda3a55f0387e25d9a24f2fbd2ae65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 23248
expires: Wed, 09 Aug 2023 18:34:22 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1998 11 KB
11 KB 77ms
76ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=41274&q=80&r=0&u=https%3A%2F%2Fcdn.witt.info%2Fimages%2Fe9b3bfb287d9b73af94b8100ccfdab68.jpg&v=3&w=800&s=w7uakHlvdOYihIyOUBfflqdE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c2bfecdf9baf8d1e06565e4eb5b8669977eb5445986d026e2722d9e16972f30d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 11560
expires: Wed, 09 Aug 2023 17:13:53 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1998 6 KB
6 KB 77ms
77ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=41274&q=80&r=0&u=https%3A%2F%2Fcdn.witt.info%2Fimages%2Fecab27a53ab88e1672cc2e1ce1a3c0a1.jpg&v=3&w=800&s=mafKQNgoOVKZ4RPutezr9XhQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

df22c91521d4c10a8ed21ac4c6d664f9570ca19b8c0e1d8f5cc413a4edd03793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 5758
expires: Wed, 09 Aug 2023 18:58:44 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1998 0
128 B 132ms
35ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=W2SzHHFAFxD70F2_fMoStQgVoITKKwo9AZhm9jIDiRkIiRdSREdrzxbbRIEc23ogC_2e2pZzjaMEYdOexCQTPafXWEpU2xQ8tfiWx0vChIHDbi22QoCZTbt_prCuQyy4Yd3Pyd5ceX-Mwa2BEnvmuGW3h6FCKSIvMyBCETLqZotkzpgzPQGtUltwI-urr1YGWJPj9KTVe9p0mlHreS1pqRDI1opClUvjq4Tv-BEoAd5w2ICN9A3pEtb4Sqbh3UOH_Vx6zg&sds=2&rev=87880&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 09 Aug 2023 16:59:14 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1998 2 KB
1 KB 40ms
39ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Aug 2024 16:59:14 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1998 2 KB
1 KB 39ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Aug 2024 16:59:14 GMT

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 1998 2 KB
899 B 35ms
35ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Aug 2024 16:59:14 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 1998 16 KB
17 KB 144ms
72ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Aug 2024 16:59:14 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1998 0
127 B 37ms
37ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 09 Aug 2023 16:59:15 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H/1.1 200
OK cksync.php
cs.media.net/ 60 B
426 B 154ms
74ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Aug 2023 16:59:17 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 60
x-mnet-hl2: E
Expires: Wed, 09 Aug 2023 16:59:17 GMT

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 127ms
34ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=1683294
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 16:59:16 GMT
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 217.114.215.132.de.stw1.279677424.pixel.archive.md
URL: https://217.114.215.132.de.stw1.279677424.pixel.archive.md/x.gif

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
archive.md/	1970-01-20 13:53:27	Name: _ga Value: GA1.2.661111166.1691600353
.archive.md/	1970-01-20 21:52:51	Name: tmr_lvid Value: 07f031be30a8329a1dbee74d9cb56c33
.archive.md/	1970-01-20 21:52:51	Name: tmr_lvidTS Value: 1691600353787
.mail.ru/	1970-01-20 22:40:22	Name: VID Value: 13W0CF0UPJ2J00000u1mT42J:::0-0-0-9ee1ea1:CAASENjKrNzJzSJrfbqJqmsf0XwaYCR0SjQeu4E7foU-Kdd8NcY53dAh9vEQStEEMmngEyAoO-VreQ6NpRait7t2q9PJ21eTJiGE3mKEGuEi0pdt12t3NPyxEPTIacZtC4KbToU1yOPPnWzdXpyLdcWOToiqOg
.rubiconproject.com/	1970-01-20 22:38:56	Name: khaos Value: LL3Z6ASF-K-LVO0
.rubiconproject.com/	1970-01-20 22:38:56	Name: audit Value: 1\|naVuGyos1qpReytCoXXJLczzH/SUMvpGs1wMD2ZZQDL20dyKxB4PpAjVR+wR3HbmkbOFimsiNTp94D3ku/Kjg4ZSnAeuv8EPIZE5xoQF+eG+xUA9sgf/4dzpQ7vzkXQ/
.criteo.com/	1970-01-20 23:14:56	Name: uid Value: dbf97492-112f-47d6-a1a7-73091b00bf12
.doubleclick.net/	1970-01-20 23:14:56	Name: IDE Value: AHWqTUkzdw8f69fMwzupbeZe69oMrOviJkKAcQQnh7ioTsdOpDT-SgYdTMOJur8FtCg
.yahoo.com/	1970-01-20 22:39:17	Name: A3 Value: d=AQABBOLF02QCEHGvVAGZxVT5QJRrHBOoEQcFEgEBAQEX1WTdZAAAAAAA_eMAAA&S=AQAAAsDnI6oQtAD5CS_DvKRGKlQ
.linkedin.com/	1970-01-20 22:38:56	Name: bcookie Value: "v=2&b9f8a7f4-310c-4f33-8c29-7f92f9f973b7"
.linkedin.com/	1970-01-20 18:12:32	Name: li_gc Value: MTswOzE2OTE2MDAzNTQ7MjswMjExkYq4qjGEc8FD8X3nwOA5+sdNOUGoXTGNXh5lZPjM3A==
.linkedin.com/	1970-01-20 13:54:46	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2930:u=1:x=1:i=1691600354:t=1691686754:v=2:sig=AQFHUpjpDN7zvpk7dUmv6OtObNFxNFhF"
.amazon-adsystem.com/	1970-01-20 23:29:20	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 19:33:10	Name: ad-id Value: A550GmynCkmvqmTvZaVJm9I
archive.md/	1970-01-20 13:54:46	Name: tmr_detect Value: 0%7C1691600356118

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://217.114.215.132.de.stw1.279677424.pixel.archive.md/x.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	(Line 1) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

217.114.215.132.de.stw1.279677424.pixel.archive.md
a.publir.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ads.eu.criteo.com
analytics.publir.com
api.btloader.com
archive.md
beacon-ams3.rubiconproject.com
btloader.com
c.amazon-adsystem.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cs.media.net
csm.eu.criteo.net
eus.rubiconproject.com
fastlane.rubiconproject.com
hbopenbid.pubmatic.com
ib.adnxs.com
image8.pubmatic.com
imageproxy.eu.criteo.net
match.adsrvr.org
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.media.net
px.ads.linkedin.com
s.amazon-adsystem.com
static.criteo.net
token.rubiconproject.com
top-fwz1.mail.ru
widget.nl3.eu.criteo.com
217.114.215.132.de.stw1.279677424.pixel.archive.md
130.211.23.194
142.250.184.194
142.250.186.38
178.250.1.6
178.250.1.9
185.101.35.175
185.64.189.112
185.64.190.79
185.89.211.84
23.218.210.30
23.35.228.23
2602:803:c003:200::37
2602:803:c003:200::44
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700::6811:190e
2606:4700:e6::ac40:c41e
2620:1ec:21::14
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::13
2a05:d018:d29:3602:bd5b:64ca:999b:f400
34.107.148.139
35.71.131.137
52.222.239.116
52.46.130.91
52.95.125.22
69.173.144.138
95.163.52.67
99.86.160.29
02de161c54e7acb4133b22fd985f5cb6a320baffd758b7f5da99e722c60e32f7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07f4a2ba87c0eef4920ffe5476101bc8e25d7356f28cdeb971f5e6197833e4b5
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
0c48fa42ed1b2777bae0d65c4173982db96d368db0c77214fdbfbed093d3d046
0dd98a1282467febe4367a87bc7d2c5c5e05ce23edc9e578a574992aed12ba39
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0
34902ccb1aea408a0031489dbcc25da6cf50c09e277b5c0d87fe3c6c4d81023d
37190fe0b20799e4dc0cee074e827d499211534bd3e78fabedb37126c2550688
3fd79269ea291d76a6d78cb1a9684c8a5b4111867321bb639a6a1460a00575ac
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44ad17dd9f7575456243736c32b3c59a8c5373aba00473c81c701582e9ccea20
493eaab795c171dac333a8a7d6254c883f911b810cf2ae1d05d492a162700650
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54377a809d71ab5c6204fb9bc0ccaafcf5118444b33efb4b831db35871224d96
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
6e810ffeabb73754256d3bac03325d9aee06de84c36273c6aac1bfdbbfb93a53
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77ff9526ba204b05a00796a7d35d495987635402000f6cb8da19b9ae6cca24b3
7bb16905633713d72955960ee3312dd19d4861ee7141bb7eb8e5b9b59af54d08
852161f7d281481bafd2554e0efe37b4345286f2da0c8ab41742262a0bea64cd
8591deeed80ff2f6b240bd53ae0186fb91f99227172ce770627185f23c155273
882a0c5480dcfc586bbed3b4e1ab393c91f7d399c7d3415e0a986f9a18320936
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e544354a251bfc131782d1e7ce5efcdf5ba7625efe20744d4069fe5e6a55485
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
92f5f18bdae2fb0a06a69c6eb05c4f904465c36eed5273590920a6df60e936cc
99c11db2ff5d7863cdd20e7ea835ad069fe47a6dfeb38e47d40a1bc8e8296949
9a1fd75fe99db309a323a8605e7f89e3dc99b84906ee0ca1f9dd3bed912866ff
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0bcda4d3e86c2bca85fc89dd3990e7f3b2272f0e20e7e03d60384a4c4103145
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
afb7cbbcc5527f3174605e97940c1dcbd8b759835a37289434c805f1630abdfc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b67ae999431bb4b2abe9246aa76663ebafbc64c3b3cb52aa64ee372aefb966ed
b9adc41090bfdb3f4953633121d5375b990158425b55d79414a8a4c1b734716b
bc8a3d0bfd082b5ea2c03b8ec7d696f6e72053ea32e7e2b6ec25a09eb97f0680
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c27f03222cd776cd45a393f9b075cf309dceb53ed63ad298d35be47d522e8e7a
c2bfecdf9baf8d1e06565e4eb5b8669977eb5445986d026e2722d9e16972f30d
c3c305104f8a61ebe0b898da43a57798d6b7d6017675a03cf8b1ced4ff05c2f2
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d14620efec83c02e8cbb8ce615e0307849765535c316ba5231ff0ede760b9cc7
d303cbe6653b64072cb969d7307cb70bc416509a320bb8ee582757634b5f8de9
d90bddf2a2e21652bab5d90889388a00e3ae528a88dd8d8aa76fe510108fa225
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
df22c91521d4c10a8ed21ac4c6d664f9570ca19b8c0e1d8f5cc413a4edd03793
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea9b81d2288c3fb03dd271e0f8e68a9059bda3a55f0387e25d9a24f2fbd2ae65
f54b65e5ef7387b69c8643b7cfda86eb03233e32b5c4ea8dae28aa6775acde34
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f74b9e1c79513199f1bd78ac535c05ca8e748a498f4a892ab51a9040ee557e9e
f8207e1f6d0d37425bbb866d1b448054885f3af2a442f3872c45ab9d1c316a2a
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

archive.md Open in urlscan Pro 185.101.35.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

87 %HTTPS

39 %IPv6

17 Domains

34 Subdomains

31 IPs

8 Countries

937 kBTransfer

1876 kBSize

15 Cookies

2 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

archive.md Open in urlscan Pro
185.101.35.175 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

87 %
HTTPS

39 %
IPv6

17
Domains

34
Subdomains

31
IPs

8
Countries

937 kB
Transfer

1876 kB
Size

15
Cookies

71 HTTP transactions
6 data transactions