archive.ph Open in urlscan Pro
217.197.116.88 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://archive.ph/u6085
Submission: On March 17 via api (March 17th 2023, 11:25:25 am UTC) from US — Scanned from US

Summary HTTP 42 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 14 domains to perform 42 HTTP transactions. The main IP is 217.197.116.88, located in Russian Federation and belongs to E-STYLEISP-AS, RU. The main domain is archive.ph. The Cisco Umbrella rank of the primary domain is 142220.
TLS certificate: Issued by R3 on March 11th 2023. Valid for: 3 months.

This is the only time archive.ph was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
3	217.197.116.88 217.197.116.88	20655 (E-STYLEIS...) (E-STYLEISP-AS)
3	2606:4700:303... 2606:4700:3034::6815:1377	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
7	2602:803:c002... 2602:803:c002:300::99	26667 (RUBICONPR...) (RUBICONPROJECT)
4	68.67.160.137 68.67.160.137	29990 (ASN-APPNEX) (ASN-APPNEX)
4	104.36.115.111 104.36.115.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7	3.230.217.116 3.230.217.116	14618 (AMAZON-AES) (AMAZON-AES)
4	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	8.28.7.82 8.28.7.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2620:112:f002... 2620:112:f002:bbbb::21	() ()
1 1	8.28.7.83 8.28.7.83	() ()
1	44.206.146.110 44.206.146.110	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	23.205.72.21 23.205.72.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	54.196.65.87 54.196.65.87	14618 (AMAZON-AES) (AMAZON-AES)
3 3	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
2 2	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
1	173.223.56.26 173.223.56.26	() ()
42	13

3 217.197.116.88 (Russian Federation)

ASN20655 (E-STYLEISP-AS, RU)
PTR: 217-197-116-88.estt.ru

archive.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::6815:1377 (United States)

ASN13335 (CLOUDFLARENET, US)

a.publir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.publir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2602:803:c002:300::99 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.137 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.230.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-217-116.compute-1.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.28.7.82 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::21 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (None, ) 1 redirects

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.206.146.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-146-110.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.205.72.21 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-72-21.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.196.65.87 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-65-87.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.223.56.26 (None, )

ASN- ()

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	media.net prebid.media.net — Cisco Umbrella Rank: 1234 cs.media.net — Cisco Umbrella Rank: 1370 contextual.media.net	11 KB
8	pubmatic.com 3 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 452 image8.pubmatic.com — Cisco Umbrella Rank: 623 simage2.pubmatic.com	2 KB
7	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1188	1007 B
7	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 440	3 KB
4	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 214	3 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 285	2 KB
3	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 10662	16 KB
3	publir.com a.publir.com — Cisco Umbrella Rank: 44275 analytics.publir.com — Cisco Umbrella Rank: 63029	115 KB
3	archive.ph archive.ph — Cisco Umbrella Rank: 142220 104.237.193.28.us.est1.331060827.pixel.archive.ph Failed	38 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 210	1023 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 729	1 KB
2	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 420	662 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 515	38 B
1	turn.com 1 redirects ad.turn.com	517 B
42	14

	Domain	Requested by
7	c2shb.ssp.yahoo.com	a.publir.com
7	fastlane.rubiconproject.com	a.publir.com
4	prebid.media.net	a.publir.com
4	hbopenbid.pubmatic.com	a.publir.com
4	ib.adnxs.com	a.publir.com
3	x.bidswitch.net	3 redirects
3	cs.media.net
3	image8.pubmatic.com	2 redirects
3	top-fwz1.mail.ru	archive.ph
3	archive.ph	archive.ph
2	cm.g.doubleclick.net	2 redirects
2	pm.w55c.net	2 redirects
2	us-u.openx.net	2 redirects
2	a.publir.com	archive.ph a.publir.com
1	contextual.media.net
1	match.sharethrough.com
1	simage2.pubmatic.com	1 redirects
1	ad.turn.com	1 redirects
1	analytics.publir.com	a.publir.com
0	104.237.193.28.us.est1.331060827.pixel.archive.ph Failed	archive.ph
42	20

This site contains links to these domains. Also see Links.

Domain
archive.today
buymeacoffee.com

Subject Issuer	Validity	Valid
archive.ph R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
publir.com Cloudflare Inc ECC CA-3	`2022-06-16` - `2023-06-16`	a year	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-03-01` - `2023-08-12`	5 months	crt.sh

This page contains 1 frames:

Primary Page: https://archive.ph/u6085
Frame ID: 91A3A97E2A1D194083C00EBB04C4B1DA
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Facebook - log in or sign up

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

42
Requests

88 %
HTTPS

17 %
IPv6

14
Domains

20
Subdomains

13
IPs

2
Countries

189 kB
Transfer

579 kB
Size

23
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://archive.today/
Title: archive.todaywebpage capture

Search URL Search Domain Scan URL

URL: http://buymeacoffee.com/archive.today
Title: Buy me a coffee

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://image8.pubmatic.com/AdServer/ImgSync?p=1683294 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=1683294&rdf=1 HTTP 302
https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8784766863066027440&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 45

https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcs.media.net%2Fcksync.html%3Fcs%3D8%26type%3Dopx HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcs.media.net%2Fcksync.html%3Fcs%3D8%26type%3Dopx HTTP 302
https://cs.media.net/cksync.html?cs=8&type=opxe88d7586-192e-0a9a-2bba-87bf35cd4361

Request Chain 46

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=MgHwSiiU1PD8d55

Request Chain 47

https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=f775f86c-c9b3-4044-846f-6fd0959f455a&google_hm=Zjc3NWY4NmMtYzliMy00MDQ0LTg0NmYtNmZkMDk1OWY0NTVh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=medianet&bsw_param=f775f86c-c9b3-4044-846f-6fd0959f455a&google_hm=Zjc3NWY4NmMtYzliMy00MDQ0LTg0NmYtNmZkMDk1OWY0NTVh&google_tc= HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEEP5nNeLgvGNe0Tix88ni6c&google_cver=1&ssp=medianet&bsw_param=f775f86c-c9b3-4044-846f-6fd0959f455a HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f775f86c-c9b3-4044-846f-6fd0959f455a&gdpr=&gdpr_consent=&gdpr_pd=

42 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request u6085 Show response
archive.ph/ 88 KB
17 KB 1516ms
1143ms Document
text/html 217.197.116.88
E-STYLEISP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://archive.ph/u6085
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.197.116.88 , Russian Federation, ASN20655 (E-STYLEISP-AS, RU),
Reverse DNS: 217-197-116-88.estt.ru
Software: nginx /
Resource Hash: 0c3f5d462680ccf0c30c90608f208f0526061a268a66719fad7268a0f4f178e8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: maxage=300
content-encoding: gzip
content-length: 16811
content-type: text/html;charset=utf-8
date: Fri, 17 Mar 2023 11:25:18 GMT
expires: Fri, 17 Mar 2023 11:30:18 GMT
link: <https://www.facebook.com/>; rel="original", <http://archive.md/timegate/https://www.facebook.com/>; rel="timegate", <http://archive.md/timemap/https://www.facebook.com/>; rel="timemap"; type="application/link-format"; from="Thu, 31 Dec 2015 12:20:37 GMT"; until="Thu, 16 Mar 2023 22:52:11 GMT", <http://archive.md/20230208162304/https://www.facebook.com/>; rel="prev memento"; datetime="Wed, 08 Feb 2023 16:23:04 GMT", <http://archive.md/20230214182459/https://www.facebook.com/>; rel="next memento"; datetime="Tue, 14 Feb 2023 18:24:59 GMT", <http://archive.md/20151231122037/https://www.facebook.com/>; rel="first memento"; datetime="Thu, 31 Dec 2015 12:20:37 GMT", <http://archive.md/20230316225211/https://www.facebook.com/>; rel="last memento"; datetime="Thu, 16 Mar 2023 22:52:11 GMT"
memento-datetime: Thu, 09 Feb 2023 17:40:04 GMT
server: nginx
vary: Accept-Language
x-host: p-archiveweb36

GET
H2 200 1100.js Show response
a.publir.com/platform/ 20 KB
6 KB 115ms
35ms Script
text/javascript 2606:4700:3034::6815:1377
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.publir.com/platform/1100.js
Requested by: Host: archive.ph
URL: https://archive.ph/u6085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1377 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb4c37c9434e7c7a073769351cdf673f27616bb788ec354a2e362d00c64efbbe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archive.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:25:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QQKFKWQVHQESXW9N
age: 63275
cf-polished: origSize=21997
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 2nldzLCg5dMPXoHay3LbBeyxejVYb25SwVKyn/c27ga5XVBCoe7Ha/WC66J5y0S4UmLlk3rzPqo=
cf-bgj: minify
last-modified: Fri, 10 Feb 2023 17:35:17 GMT
server: cloudflare
etag: W/"4a250d99bd7d44d148bda3506d27dc63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdhH09Ssg55hbU7vcwQ7khn1p0mjq5kxJ8KR6SIAjKL2j6EPCphZa6xMvhLdGoE2abtJhlX7b080DT1bymVU1cTGB1Iq5GYoiKd8JOtdnRrHj2mPJ8kxWBDcsolH2%2FYhjR9aI5ykxH1oExw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7a94dfe1ac108133-ORD

GET x.gif
104.237.193.28.us.est1.331060827.pixel.archive.ph/ 0
0

GET
H2 200 prebid518.js Show response
a.publir.com/platform/common/ 384 KB
109 KB 38ms
36ms Script
application/javascript 2606:4700:3034::6815:1377
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.publir.com/platform/common/prebid518.js
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/1100.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1377 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 406fe958ad5843234e342f7548da419f86755995514ac1fdbbbabe25e80a9dfe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archive.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:25:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: EP32WMESF5VQKSWG
age: 223522
cf-polished: origSize=393063
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: vLhoM0Eqo3MyIrGPxSiJUyZJcn1OpUun//WPWPfktM9Q3Fu8HWmLIuKyQ6amBuyLUIkmK/qJrHc=
cf-bgj: minify
last-modified: Thu, 07 Oct 2021 23:30:20 GMT
server: cloudflare
etag: W/"d9ff9359cbfb80ceb4f339da8df2eb91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WIjR2ooC4sq%2B9rKB%2FZp1P%2BF8OnzM9Cqdidw8Nk%2FMN2SY%2F4xDkck1TgEF%2BRIHNBi0g83eTfUqhj4cJmUnSTIXwyi40pHaGg03nvL2Jz%2FK7XUchgOhhh%2Bc1gHYZUpHMiPVolMug8gbu8IG3Q0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7a94dfe1ec448133-ORD

POST
H2 200 publirPageViewTracker Show response
analytics.publir.com/ 4 B
580 B 298ms
272ms Fetch
application/json 2606:4700:3034::6815:1377
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.publir.com/publirPageViewTracker
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/1100.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1377 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Mar 2023 11:25:19 GMT
via: 1.1 caa0030d22a6085f61962306be552c66.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ORD58-P7
x-amzn-requestid: a0bf1f73-39ad-4f9e-b8cb-df2414215548
x-cache: Miss from cloudfront
x-amz-apigw-id: B7Ek5EwZIAMFw2A=
content-length: 4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-amzn-trace-id: Root=1-64144e1f-6ffb81950198430d5f9f2490;Sampled=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37pWoxbt9fYZ%2FqxQBele18eulWhuttAKXBCOoUlFaJxpJuUG2h1J7h9JboOmW%2FDxQt0ys796bE%2BjShUGBFrrpTovjjwX0ikQkHqLkdLniUMvF31IExdCUGABLK5EstrafNTD98fMACIeHdo1ab2yhmBV7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 7a94dfe21c5e8133-ORD
x-amz-cf-id: _TL9nOWRPmr-D9x1jOCQGladxxqzXrkiPz0Z85xhNIFpYVfHbvUvqA==

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18b6c93a1c96a4604490c8c487e6592c6eaa37d4018ec6cbfc51a621202ded33

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 783 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8591deeed80ff2f6b240bd53ae0186fb91f99227172ce770627185f23c155273

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 942 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44ad17dd9f7575456243736c32b3c59a8c5373aba00473c81c701582e9ccea20

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afb7cbbcc5527f3174605e97940c1dcbd8b759835a37289434c805f1630abdfc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f54b65e5ef7387b69c8643b7cfda86eb03233e32b5c4ea8dae28aa6775acde34

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 858 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0bcda4d3e86c2bca85fc89dd3990e7f3b2272f0e20e7e03d60384a4c4103145

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0f9968d0fa5f4deff86babccd6df52306138314607a6f3f0acd2e7afc783d1c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 9c352eade16303ab11126d68e01e39c2e799e283.png
archive.ph/u6085/ 19 KB
19 KB 231ms
231ms Image
image/png 217.197.116.88
E-STYLEISP-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.ph/u6085/9c352eade16303ab11126d68e01e39c2e799e283.png
Requested by: Host: archive.ph
URL: https://archive.ph/u6085
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.197.116.88 , Russian Federation, ASN20655 (E-STYLEISP-AS, RU),
Reverse DNS: 217-197-116-88.estt.ru
Software: nginx /
Resource Hash: 54338a6613654cab4d723709f45b831d63ba155ec6814409f899697b3ede052e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archive.ph/u6085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:25:19 GMT
last-modified: Tue, 21 Feb 2023 11:50:49 GMT
server: nginx
etag: 9c352ea-de16-303ab111
content-type: image/png
access-control-allow-origin: *
cache-control: maxage=3600
x-host: p-archiveweb37
accept-ranges: bytes
content-length: 19631
expires: Fri, 17 Mar 2023 12:25:19 GMT

GET
H2 200 b5461dc8f5f5f848033441d506ee05d48742438b.svg
archive.ph/u6085/ 2 KB
1 KB 155ms
154ms Image
image/svg+xml 217.197.116.88
E-STYLEISP-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.ph/u6085/b5461dc8f5f5f848033441d506ee05d48742438b.svg
Requested by: Host: archive.ph
URL: https://archive.ph/u6085
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.197.116.88 , Russian Federation, ASN20655 (E-STYLEISP-AS, RU),
Reverse DNS: 217-197-116-88.estt.ru
Software: nginx /
Resource Hash: 9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archive.ph/u6085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:25:19 GMT
content-encoding: gzip
last-modified: Thu, 16 Mar 2023 22:53:31 GMT
server: nginx
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: maxage=3600
x-host: p-archiveweb45
expires: Fri, 17 Mar 2023 11:39:33 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 33 KB
15 KB 496ms
163ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: archive.ph
URL: https://archive.ph/u6085

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

86358469a3188d8dae051045546110638b6c55e8d4ff55859c381ac202ed4769

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archive.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Wed, 11 Jan 2023 13:29:54 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"63beb9d2-85cc"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Fri, 17 Mar 2023 12:25:19 GMT

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
960 B 158ms
157ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2825109;u=https%3A//archive.ph/u6085;st=1679052319069;title=Facebook%20-%20log%20in%20or%20sign%20up;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=2ab0fca4adc3f4d1;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.8//4g/0/0/;lvid=1679052319718%3A1679052319751%3A1%3Ad364fbb519067adcb1328b5d3b294862;visible=true;_=0.3438695277503243

Requested by

Host: archive.ph
URL: https://archive.ph/u6085

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archive.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:25:19 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
563 B 357ms
99ms XHR
application/json 2602:803:c002:300::99
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=418560&zone_id=2368166&size_id=9&rf=https%3A%2F%2Farchive.ph%2Fu6085&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=db05fdfe-175d-4449-9b7f-1a731ee8159f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4924740958077318
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::99 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: cdc073a05370078d84e4159b972996e664b71206ce5c2c8d566c7f321ffb0501

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:25:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://archive.ph
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 240
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
564 B 368ms
110ms XHR
application/json 2602:803:c002:300::99
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=418560&zone_id=2368168&size_id=9&rf=https%3A%2F%2Farchive.ph%2Fu6085&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=6b5b85aa-1bef-400f-8cf4-6efae84ebfd6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4885999131087768
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::99 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 80801270309a9edbe9d84a009b5e859337c32c57f417c4e8c13640e76e8dbf68

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:25:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://archive.ph
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 240
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
786 B 344ms
87ms XHR
application/json 2602:803:c002:300::99
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=418560&zone_id=2368164&size_id=2&rf=https%3A%2F%2Farchive.ph%2Fu6085&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=0c0b7643-78ba-4027-898e-5d19edb68c25&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6655445887718854
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::99 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: cbc5b171cdf67d6fc887088221c8af4bad00d3fca3b7b838dcfaaade243ccfd8

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:25:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://archive.ph
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 240
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
563 B 522ms
265ms XHR
application/json 2602:803:c002:300::99
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=418560&zone_id=2368172&size_id=15&alt_size_ids=43&rf=https%3A%2F%2Farchive.ph%2Fu6085&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=acf27711-2c68-4c93-96cc-1a1b24c77724&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1343936869274629
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::99 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ffabcbad6c2949a2fb9e26841a1ad2f97fe81e438ec9b2559a82e5e1325894e8

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:25:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://archive.ph
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 241
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
822 B 159ms
51ms XHR
application/json 68.67.160.137
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 11:25:20 GMT
AN-X-Request-Uuid: f187fa75-a615-4a8c-b1e9-350f156222fd
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://archive.ph
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
112 B 176ms
50ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://archive.ph
date: Fri, 17 Mar 2023 11:25:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
112 B 159ms
54ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c86017e7eb5e37eb6e976b20063&pos=8a969141017e7eb6e5f2b6ea07680007&cmd=bid&secure=1
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e3ac03f30ed0949ff14aa41632964314752157b75ebbd4b15b211fa0aa692c44

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Mar 2023 11:25:20 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://archive.ph
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
334 B 154ms
50ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c86017e7eb5e37eb6e976b20063&pos=8a969141017e7eb6e5f2b6ea48520008&cmd=bid&secure=1
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 2315a8141b818cb3eb19f50a4beb32a9aa5275313b4d42d15f6336c6430ca9f2

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Mar 2023 11:25:20 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://archive.ph
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
112 B 155ms
51ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c86017e7eb5e37eb6e976b20063&pos=8a9699a8017e7eb6e018b6ea7f770007&cmd=bid&secure=1
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 5553f196246bc93a1664c4e8180c30fca18d31fc57793e3cef4b9efbae89e864

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Mar 2023 11:25:20 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://archive.ph
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
112 B 152ms
53ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c86017e7eb5e37eb6e976b20063&pos=8a969141017e7eb6e5f2b6eaae050009&cmd=bid&secure=1
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 28b8d7a4823cfffe2c7a0ff99e35c8edb03a06ae29a999cb1ab5698055059134

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Mar 2023 11:25:20 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://archive.ph
access-control-allow-credentials: true
content-length: 80

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 16 KB
7 KB 190ms
128ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU94KNQI
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7047a14ad9891d22814bf1e45d7060e95967e529c59bf580ef319131e6a17276

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:25:20 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://archive.ph
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 17 Mar 2023 11:25:20 GMT

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
872 B 176ms
175ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2825109;u=https%3A//archive.ph/u6085;st=1679052319069;title=Facebook%20-%20log%20in%20or%20sign%20up;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=2ab0fca4adc3f4d1;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1679052317052/////3/5/59/59/377/210/377/1520/1672/1835/2017/2017/2017/2863/2863/;ni=9.8//4g/0/0/;lvid=1679052319718%3A1679052319960%3A2%3Ad364fbb519067adcb1328b5d3b294862;visible=true;_=0.5724052684142797;e=RT/load;et=1679052319957

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archive.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:25:20 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
770 B 308ms
307ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU94KNQI
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf7ed9a2c4a1d5dbb999e4dd599ebd94458172b993b50dc4884068592721f8f6

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:25:20 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://archive.ph
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 17 Mar 2023 11:25:20 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
822 B 54ms
53ms XHR
application/json 68.67.160.137
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 11:25:20 GMT
AN-X-Request-Uuid: 9b8dc00a-ecfb-43cc-bcb7-dd5b97fcb841
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://archive.ph
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 47ms
46ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://archive.ph
date: Fri, 17 Mar 2023 11:25:19 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
112 B 50ms
50ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c86017e7eb5e37eb6e976b20063&pos=8a969141017e7eb6e5f2b6ea07680007&cmd=bid&secure=1
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 69b834878893c2afbf472bd6ce517ad18600f23a792aedb889d87de36da5745b

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Mar 2023 11:25:20 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://archive.ph
access-control-allow-credentials: true
content-length: 80

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
274 B 124ms
124ms XHR
application/json 2602:803:c002:300::99
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=418560&zone_id=2368166&size_id=9&rf=https%3A%2F%2Farchive.ph%2Fu6085&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=956860dd-4ebf-4537-bcb6-f531854f4221&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1665756102468725
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::99 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 747f7adbdebb3274d40fdb60d6a05d7b78572e0fe86077bb4d6f83e745a2f73f

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:25:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://archive.ph
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 240
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
113 B 49ms
48ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c86017e7eb5e37eb6e976b20063&pos=8a969141017e7eb6e5f2b6ea48520008&cmd=bid&secure=1
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 3d5cc940bdb5e3bed5c952b553364d0327e0c432299b93d2b326264f35638063

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Mar 2023 11:25:20 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://archive.ph
access-control-allow-credentials: true
content-length: 78

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
822 B 93ms
48ms XHR
application/json 68.67.160.137
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 11:25:20 GMT
AN-X-Request-Uuid: 9d53779a-0e6d-4e58-be5e-64f9e0a20e86
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://archive.ph
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 48ms
47ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://archive.ph
date: Fri, 17 Mar 2023 11:25:19 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
274 B 105ms
105ms XHR
application/json 2602:803:c002:300::99
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=418560&zone_id=2368168&size_id=9&rf=https%3A%2F%2Farchive.ph%2Fu6085&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=17342652-c983-4837-b7f8-95ddc03a2575&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.15080318377905777
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::99 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2f3d2b2c9fcda5b678c6920684e7db49ebcf895ab66a25a84e66b405c5b9f663

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:25:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://archive.ph
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 240
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
771 B 101ms
101ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU94KNQI
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ea951f71e277739c48f68667214499436da77e96723836f06c7d2b2b376e10a1

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:25:20 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://archive.ph
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 17 Mar 2023 11:25:20 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
274 B 104ms
103ms XHR
application/json 2602:803:c002:300::99
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=418560&zone_id=2368164&size_id=2&rf=https%3A%2F%2Farchive.ph%2Fu6085&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=54e9d128-a8d4-4f7b-a9e4-f91e5a814fc8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3356085241936013
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::99 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bb0f8851b2562c479d45680aac1a63bd72f910c3f9430e2b9d979941f19d4338

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:25:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://archive.ph
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 240
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
822 B 115ms
44ms XHR
application/json 68.67.160.137
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 11:25:20 GMT
AN-X-Request-Uuid: 6b5b139b-d58c-4747-911b-584969031056
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://archive.ph
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
112 B 52ms
50ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c86017e7eb5e37eb6e976b20063&pos=8a9699a8017e7eb6e018b6ea7f770007&cmd=bid&secure=1
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 88b38325b0c79156c6d2c4852ebabccaa1ba85481be7f62fa3c5f214c4b68c87

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Mar 2023 11:25:20 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://archive.ph
access-control-allow-credentials: true
content-length: 80

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
768 B 119ms
119ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU94KNQI
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 34159ca55c2d1d95f7fdf35fb187fcd8140b2623ff7a22b0b1b9ec6d7701e94d

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 11:25:20 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://archive.ph
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 17 Mar 2023 11:25:20 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 47ms
46ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid518.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://archive.ph/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://archive.ph
date: Fri, 17 Mar 2023 11:25:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=1683294
https://image8.pubmatic.com/AdServer/ImgSync?p=1683294&rdf=1
https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8784766863066027440&gdpr=&gdpr_consent=&us_privacy=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
220 B

38ms
37ms

Image
text/plain

8.28.7.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol: H2
Server: 8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archive.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 04:45:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Fri, 17 Mar 2023 11:25:24 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 400 v1
match.sharethrough.com/universal/ 0
38 B 147ms
44ms Image
text/plain 44.206.146.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=zKJmsEAd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.146.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-146-110.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archive.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:25:23 GMT
content-length: 0

GET
H/1.1

200
OK

cksync.html
cs.media.net/
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcs.media.net%2Fcksync.html%3Fcs%3D8%26type%3Dopx
https://us-u.openx.net/w/1.0/cm?cc=1&id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcs.media.net%2Fcksync.html%3Fcs%3D8%26type%3Dopx
https://cs.media.net/cksync.html?cs=8&type=opxe88d7586-192e-0a9a-2bba-87bf35cd4361

0
0

93ms
58ms

Image
text/html

23.205.72.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.html?cs=8&type=opxe88d7586-192e-0a9a-2bba-87bf35cd4361
Protocol: HTTP/1.1
Server: 23.205.72.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-72-21.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archive.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

date: Fri, 17 Mar 2023 11:25:23 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cs.media.net/cksync.html?cs=8&type=opxe88d7586-192e-0a9a-2bba-87bf35cd4361
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

cksync.php
cs.media.net/
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=MgHwSiiU1PD8d55

237 B
816 B

82ms
68ms

Image
image/gif

23.205.72.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=MgHwSiiU1PD8d55
Protocol: HTTP/1.1
Server: 23.205.72.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-72-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archive.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 11:25:23 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 237
x-mnet-hl2: E
Expires: Fri, 17 Mar 2023 11:25:23 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 11:25:22 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-770-gc22eae1#rel-ec2-master i-0dde2f4ea59a99a93@us-east-1b@dxedge-app-us-east-1-prod-asg
Location: https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=MgHwSiiU1PD8d55
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=f775f86c-c9b3-4044-846f-6fd0959f455a&google_hm=Zjc3NWY4NmMtYzliMy00MDQ0LTg0NmYtNmZkMDk1OWY0NTVh
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=medianet&bsw_param=f775f86c-c9b3-4044-846f-6fd0959f455a&google_hm=Zjc3NWY4NmMtYzliMy00MDQ0LTg0NmYtNmZkMDk1OWY0N...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEEP5nNeLgvGNe0Tix88ni6c&google_cver=1&ssp=medianet&bsw_param=f775f86c-c9b3-4044-846f-6fd0959f455a
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f775f86c-c9b3-4044-846f-6fd0959f455a&gdpr=&gdpr_consent=&gdpr_pd=

237 B
659 B

224ms
120ms

Image
image/gif

173.223.56.26

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f775f86c-c9b3-4044-846f-6fd0959f455a&gdpr=&gdpr_consent=&gdpr_pd=

Protocol

Server

173.223.56.26 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archive.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 17 Mar 2023 11:25:24 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 237
x-mnet-hl2: E
expires: Fri, 17 Mar 2023 11:25:24 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f775f86c-c9b3-4044-846f-6fd0959f455a&gdpr=&gdpr_consent=&gdpr_pd=
Date: Fri, 17 Mar 2023 11:25:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK cksync.php
cs.media.net/ 236 B
825 B 222ms
107ms Image
image/gif 23.205.72.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.72.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-72-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec3a21a491af4587bee1627d1283c4ec4b36021a7e281dea2ea6e20fd827ce71

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archive.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 11:25:23 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 236
x-mnet-hl2: E
Expires: Fri, 17 Mar 2023 11:25:23 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 104.237.193.28.us.est1.331060827.pixel.archive.ph
URL: https://104.237.193.28.us.est1.331060827.pixel.archive.ph/x.gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
archive.ph/	1970-01-20 10:24:19	Name: _ga Value: GA1.2.661111166.1679052319
.archive.ph/	1970-01-20 18:23:43	Name: tmr_lvid Value: d364fbb519067adcb1328b5d3b294862
.archive.ph/	1970-01-20 18:23:43	Name: tmr_lvidTS Value: 1679052319718
.mail.ru/	1970-01-20 19:11:14	Name: VID Value: 2ASPsH0gpuYG00000p1cP4IG:::0-0-0-92ea6df:CAASELCQJfp233IjpfUFstSXQIkaYE7YKCzD3cR6sq8tl_6EutyixL3McaSEdvEUp_-0gOpf8HJlzlmfrCwapcnLD7Ued2M0LJsvSN28ex6idRgWF8-IBON7CUwvCeD21p6_nF1-dSCbg63cdEIxRdrBR5pKow
.rubiconproject.com/	1970-01-20 19:09:48	Name: khaos Value: LFCGEDW4-9-HHC2
.rubiconproject.com/	1970-01-20 19:09:48	Name: audit Value: 1\|i7WLabMcVxIrOct0addRslYvo2XO8wv+vGi7zdmzImao/mCuQvVvPPlkgCrEWfjaX2AMaQp746xYjMnp+whsNZ5Dmf737jBr0A+VO7RH1E0=
archive.ph/	1970-01-20 10:25:38	Name: tmr_detect Value: 0%7C1679052322009
.openx.net/	1970-01-20 19:09:48	Name: i Value: f30d2340-1ba9-0f8d-1223-3139e305e240\|1679052323
.pubmatic.com/	1970-01-20 10:25:38	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 12:33:48	Name: SyncRTB3 Value: 1679616000%3A2
.pubmatic.com/	1970-01-20 10:24:12	Name: ipc Value: 1683294^^1^0
.pubmatic.com/	1970-01-20 10:25:38	Name: pi Value: 1683294:2
.pubmatic.com/	1970-01-20 19:09:48	Name: KADUSERCOOKIE Value: B35691EE-8AF1-458A-90FF-B3A9318688D7
.pubmatic.com/	1970-01-20 12:33:48	Name: chkChromeAb67Sec Value: 1
.bidswitch.net/	1970-01-20 19:09:48	Name: tuuid Value: f775f86c-c9b3-4044-846f-6fd0959f455a
.bidswitch.net/	1970-01-20 19:09:48	Name: c Value: 1679052323
.bidswitch.net/	1970-01-20 19:09:48	Name: tuuid_lu Value: 1679052323
.w55c.net/	1970-01-20 19:55:53	Name: wfivefivec Value: MgHwSiiU1PD8d55
.w55c.net/	1970-01-20 11:07:24	Name: matchmedianet Value: 5
.media.net/	1970-01-20 19:09:48	Name: visitor-id Value: 3220539231193251000V10
.media.net/	1970-01-20 19:08:21	Name: data-xu Value: MgHwSiiU1PD8d55~~8
.doubleclick.net/	1970-01-20 20:00:12	Name: IDE Value: AHWqTUkM2VJoPTj9diBAfb7ps-LyBnPwWgKMX7mpEYhzWQ-MLMDBHvVE20xTSiSy-bQ
.turn.com/	1970-01-20 14:43:24	Name: uid Value: 8784766863066027440

33 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://104.237.193.28.us.est1.331060827.pixel.archive.ph/x.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://archive.ph/u6085(Line 21) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 21) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 21) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 21) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 21) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 21) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 21) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 21) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 21) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 21) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 21) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 21) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 21) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 21) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 21) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 21) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 21) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 21) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 26) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 27) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 28) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 29) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 30) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 31) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 32) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 33) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 34) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 35) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 36) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 37) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://archive.ph/u6085(Line 38) Message: <link rel=preload> has an invalid `href` value
network	error	URL: https://match.sharethrough.com/universal/v1?supply_id=zKJmsEAd Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

104.237.193.28.us.est1.331060827.pixel.archive.ph
a.publir.com
ad.turn.com
analytics.publir.com
archive.ph
c2shb.ssp.yahoo.com
cm.g.doubleclick.net
contextual.media.net
cs.media.net
fastlane.rubiconproject.com
hbopenbid.pubmatic.com
ib.adnxs.com
image8.pubmatic.com
match.sharethrough.com
pm.w55c.net
prebid.media.net
simage2.pubmatic.com
top-fwz1.mail.ru
us-u.openx.net
x.bidswitch.net
104.237.193.28.us.est1.331060827.pixel.archive.ph
104.36.115.111
142.250.65.162
173.223.56.26
217.197.116.88
23.205.72.21
2602:803:c002:300::99
2606:4700:3034::6815:1377
2620:112:f002:bbbb::21
3.230.217.116
34.107.148.139
34.98.64.218
35.211.178.172
44.206.146.110
54.196.65.87
68.67.160.137
8.28.7.82
8.28.7.83
95.163.52.67
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c3f5d462680ccf0c30c90608f208f0526061a268a66719fad7268a0f4f178e8
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
18b6c93a1c96a4604490c8c487e6592c6eaa37d4018ec6cbfc51a621202ded33
2315a8141b818cb3eb19f50a4beb32a9aa5275313b4d42d15f6336c6430ca9f2
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
28b8d7a4823cfffe2c7a0ff99e35c8edb03a06ae29a999cb1ab5698055059134
2f3d2b2c9fcda5b678c6920684e7db49ebcf895ab66a25a84e66b405c5b9f663
34159ca55c2d1d95f7fdf35fb187fcd8140b2623ff7a22b0b1b9ec6d7701e94d
3d5cc940bdb5e3bed5c952b553364d0327e0c432299b93d2b326264f35638063
406fe958ad5843234e342f7548da419f86755995514ac1fdbbbabe25e80a9dfe
44ad17dd9f7575456243736c32b3c59a8c5373aba00473c81c701582e9ccea20
54338a6613654cab4d723709f45b831d63ba155ec6814409f899697b3ede052e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5553f196246bc93a1664c4e8180c30fca18d31fc57793e3cef4b9efbae89e864
69b834878893c2afbf472bd6ce517ad18600f23a792aedb889d87de36da5745b
7047a14ad9891d22814bf1e45d7060e95967e529c59bf580ef319131e6a17276
747f7adbdebb3274d40fdb60d6a05d7b78572e0fe86077bb4d6f83e745a2f73f
80801270309a9edbe9d84a009b5e859337c32c57f417c4e8c13640e76e8dbf68
8591deeed80ff2f6b240bd53ae0186fb91f99227172ce770627185f23c155273
86358469a3188d8dae051045546110638b6c55e8d4ff55859c381ac202ed4769
88b38325b0c79156c6d2c4852ebabccaa1ba85481be7f62fa3c5f214c4b68c87
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
a0bcda4d3e86c2bca85fc89dd3990e7f3b2272f0e20e7e03d60384a4c4103145
afb7cbbcc5527f3174605e97940c1dcbd8b759835a37289434c805f1630abdfc
bb0f8851b2562c479d45680aac1a63bd72f910c3f9430e2b9d979941f19d4338
bb4c37c9434e7c7a073769351cdf673f27616bb788ec354a2e362d00c64efbbe
c0f9968d0fa5f4deff86babccd6df52306138314607a6f3f0acd2e7afc783d1c
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
cbc5b171cdf67d6fc887088221c8af4bad00d3fca3b7b838dcfaaade243ccfd8
cdc073a05370078d84e4159b972996e664b71206ce5c2c8d566c7f321ffb0501
cf7ed9a2c4a1d5dbb999e4dd599ebd94458172b993b50dc4884068592721f8f6
e3ac03f30ed0949ff14aa41632964314752157b75ebbd4b15b211fa0aa692c44
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea951f71e277739c48f68667214499436da77e96723836f06c7d2b2b376e10a1
ec3a21a491af4587bee1627d1283c4ec4b36021a7e281dea2ea6e20fd827ce71
f54b65e5ef7387b69c8643b7cfda86eb03233e32b5c4ea8dae28aa6775acde34
ffabcbad6c2949a2fb9e26841a1ad2f97fe81e438ec9b2559a82e5e1325894e8

archive.ph Open in urlscan Pro 217.197.116.88 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

42 Requests

88 %HTTPS

17 %IPv6

14 Domains

20 Subdomains

13 IPs

2 Countries

189 kBTransfer

579 kBSize

23 Cookies

2 Outgoing links

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

archive.ph Open in urlscan Pro
217.197.116.88 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

88 %
HTTPS

17 %
IPv6

14
Domains

20
Subdomains

13
IPs

2
Countries

189 kB
Transfer

579 kB
Size

23
Cookies

42 HTTP transactions
8 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!