archive.md Open in urlscan Pro
5.188.88.193 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://archive.md/hhJwM
Submission: On November 13 via api (November 13th 2021, 3:13:51 pm UTC) from US — Scanned from DE

Summary HTTP 190 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 56 IPs in 11 countries across 67 domains to perform 190 HTTP transactions. The main IP is 5.188.88.193, located in Russian Federation and belongs to PINVDS, EE. The main domain is archive.md.
TLS certificate: Issued by R3 on November 9th 2021. Valid for: 3 months.

This is the only time archive.md was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	5.188.88.193 5.188.88.193	41909 (PINVDS) (PINVDS)
3	94.31.29.32 94.31.29.32	6461 (ZAYO-6461) (ZAYO-6461)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
7	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
3 6	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
8	52.211.147.79 52.211.147.79	16509 (AMAZON-02) (AMAZON-02)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1		() ()
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2620:1ec:46::44 2620:1ec:46::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 18	52.208.210.171 52.208.210.171	16509 (AMAZON-02) (AMAZON-02)
1	67.202.105.21 67.202.105.21	32748 (STEADFAST) (STEADFAST)
2	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
2 7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
3 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1	35.153.224.87 35.153.224.87	14618 (AMAZON-AES) (AMAZON-AES)
2 2	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
4 4	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
4 4	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	162.210.196.208 162.210.196.208	() ()
4	185.86.139.113 185.86.139.113	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
5 6	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
2 2	2a05:d018:24:... 2a05:d018:24:b002:2591:850:d183:b9b4	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
4	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6 7	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
4 4	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
2 2	63.35.242.195 63.35.242.195	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
4 5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	209.54.180.3 209.54.180.3	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
1 1	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	18.185.209.98 18.185.209.98	16509 (AMAZON-02) (AMAZON-02)
2 2	52.17.151.21 52.17.151.21	16509 (AMAZON-02) (AMAZON-02)
1 1	54.87.192.123 54.87.192.123	14618 (AMAZON-AES) (AMAZON-AES)
2 2	50.31.142.159 50.31.142.159	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
3 4	70.42.32.95 70.42.32.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	34.232.92.67 34.232.92.67	14618 (AMAZON-AES) (AMAZON-AES)
1	193.122.130.38 193.122.130.38	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2 2	52.16.241.140 52.16.241.140	16509 (AMAZON-02) (AMAZON-02)
1 1	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	208.100.17.175 208.100.17.175	32748 (STEADFAST) (STEADFAST)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	202.241.208.55 202.241.208.55	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
190	56

42 5.188.88.193 (Russian Federation)

ASN41909 (PINVDS, EE)

archive.md	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.31.29.32 (United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (Paris, France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.91 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.211.147.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-147-79.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 (None, )

ASN- ()

uuid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.208.210.171 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net

pixel.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States) 1 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.153.224.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-224-87.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.38.124 (Amsterdam, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 82.145.213.8 (Norway) 4 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.210.196.208 (None, ) 1 redirects

ASN- ()

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.139.113 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.2.237 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b002:2591:850:d183:b9b4 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.132.241 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.148.16 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.242.195 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:db6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.180.3 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.90 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.185.209.98 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-209-98.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.151.21 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.87.192.123 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-192-123.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.159 (United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.95 (United States) 3 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.92.67 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-92-67.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.241.140 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-241-140.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.175 (United States)

ASN32748 (STEADFAST, US)
PTR: ip175.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.55 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	archive.md archive.md 91.199.118.155.de.pin6.295673402.pixel.archive.md Failed	1 MB
26	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	315 KB
18	gumgum.com 1 redirects g2.gumgum.com rtb.gumgum.com	6 KB
16	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	31 KB
15	doubleclick.net 6 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	159 KB
9	servenobid.com ads.servenobid.com public.servenobid.com	7 KB
8	adnxs.com 4 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	23 KB
7	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	8 KB
6	adform.net 5 redirects c1.adform.net	3 KB
6	smartadserver.com ssbsync.smartadserver.com rtb-csync.smartadserver.com	2 KB
5	adsrvr.org 4 redirects match.adsrvr.org	2 KB
5	yahoo.com 5 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	2 KB
5	criteo.com 2 redirects bidder.criteo.com gum.criteo.com mug.criteo.com dis.criteo.com	7 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	outbrain.com 3 redirects sync.outbrain.com	1 KB
4	mathtag.com 4 redirects sync.mathtag.com	3 KB
4	opera.com 4 redirects t.adx.opera.com	3 KB
4	google.com 1 redirects adservice.google.com www.google.com	2 KB
4	onetag-sys.com onetag-sys.com	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	1rx.io 3 redirects sync.1rx.io	569 B
3	4dex.io script.4dex.io mp.4dex.io	24 KB
3	mail.ru top-fwz1.mail.ru	13 KB
3	buysellads.net cdn4.buysellads.net	203 KB
2	creativecdn.com 2 redirects creativecdn.com	695 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	630 B
2	360yield.com 2 redirects ad.360yield.com	616 B
2	openx.net 2 redirects us-u.openx.net	672 B
2	zemanta.com 2 redirects b1sync.zemanta.com	1 KB
2	avct.cloud 2 redirects ads.avct.cloud	892 B
2	deepintent.com match.deepintent.com	60 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	901 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	onaudience.com 2 redirects pixel.onaudience.com	887 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	tidaltv.com 2 redirects sync.tidaltv.com	717 B
2	3lift.com 2 redirects eb2.3lift.com	729 B
2	rfihub.com 2 redirects p.rfihub.com	1 KB
2	lijit.com 1 redirects ce.lijit.com	1 KB
2	33across.com pixel.33across.com ssc-cms.33across.com
2	criteo.net static.criteo.net	53 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	media.net prebid.media.net contextual.media.net	9 KB
2	googletagservices.com www.googletagservices.com	63 KB
1	socdm.com 1 redirects tg.socdm.com	700 B
1	emxdgt.com cs.emxdgt.com
1	technoratimedia.com sync.technoratimedia.com	293 B
1	ipredictive.com 1 redirects sync.ipredictive.com	428 B
1	contextweb.com 1 redirects bh.contextweb.com	383 B
1	bluekai.com 1 redirects stags.bluekai.com	1 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	610 B
1	turn.com 1 redirects ad.turn.com	425 B
1	simpli.fi um.simpli.fi	616 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	487 B
1	aralego.com 1 redirects sync.aralego.com	345 B
1	a-mo.net 1 redirects prebid.a-mo.net	311 B
1	sonobi.com sync.go.sonobi.com	474 B
1	postrelease.com jadserve.postrelease.com	428 B
1	2mdn.net s0.2mdn.net	35 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	function sub() { [native code] }.	104 KB
1	google.co.uk adservice.google.co.uk	424 B
1	google.de adservice.google.de	424 B
1	googleadservices.com partner.googleadservices.com	405 B
1	omnitagjs.com hb-api.omnitagjs.com	704 B
0	brand-display.com Failed dmp.brand-display.com Failed
190	67

	Domain	Requested by
42	archive.md	archive.md
19	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com uuid
17	rtb.gumgum.com	1 redirects g2.gumgum.com
8	ads.servenobid.com	cdn4.buysellads.net public.servenobid.com ssbsync.smartadserver.com ssum-sec.casalemedia.com g2.gumgum.com
7	cm.g.doubleclick.net	6 redirects g2.gumgum.com
7	pagead2.googlesyndication.com	cdn4.buysellads.net pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
6	c1.adform.net	5 redirects ads.pubmatic.com
6	ib.adnxs.com	3 redirects cdn4.buysellads.net acdn.adnxs.com
5	match.adsrvr.org	4 redirects ssum-sec.casalemedia.com
4	sync.outbrain.com	3 redirects g2.gumgum.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	sync.mathtag.com	4 redirects
4	simage2.pubmatic.com	ads.pubmatic.com
4	image2.pubmatic.com	ads.pubmatic.com
4	rtb-csync.smartadserver.com	ssbsync.smartadserver.com
4	ups.analytics.yahoo.com	4 redirects
4	t.adx.opera.com	4 redirects
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com uuid
4	onetag-sys.com	cdn4.buysellads.net public.servenobid.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net uuid
3	x.bidswitch.net	3 redirects
3	sync.1rx.io	3 redirects
3	ssum-sec.casalemedia.com	1 redirects public.servenobid.com ssum-sec.casalemedia.com
3	ads.pubmatic.com	cdn4.buysellads.net ads.pubmatic.com g2.gumgum.com
3	top-fwz1.mail.ru	archive.md top-fwz1.mail.ru
3	cdn4.buysellads.net	archive.md
2	creativecdn.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	eus.rubiconproject.com	g2.gumgum.com eus.rubiconproject.com
2	ad.360yield.com	2 redirects
2	us-u.openx.net	2 redirects
2	b1sync.zemanta.com	2 redirects
2	ads.avct.cloud	2 redirects
2	match.deepintent.com	ssum-sec.casalemedia.com g2.gumgum.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	sync.crwdcntrl.net	2 redirects
2	pixel.onaudience.com	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	sync.tidaltv.com	2 redirects
2	eb2.3lift.com	2 redirects
2	p.rfihub.com	2 redirects
2	ce.lijit.com	1 redirects public.servenobid.com
2	ssbsync.smartadserver.com	public.servenobid.com g2.gumgum.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn4.buysellads.net static.criteo.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	script.4dex.io	cdn4.buysellads.net script.4dex.io
2	www.googletagservices.com	cdn4.buysellads.net uuid
1	simage4.pubmatic.com	ads.pubmatic.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	tg.socdm.com	1 redirects
1	cs.emxdgt.com	g2.gumgum.com
1	ssc-cms.33across.com	g2.gumgum.com
1	secure-assets.rubiconproject.com	1 redirects
1	sync.technoratimedia.com	g2.gumgum.com
1	sync.ipredictive.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	bh.contextweb.com	1 redirects
1	stags.bluekai.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	secure.adnxs.com	1 redirects
1	ad.turn.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	dis.criteo.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	sync.aralego.com	1 redirects
1	prebid.a-mo.net	1 redirects
1	sync.go.sonobi.com	public.servenobid.com
1	jadserve.postrelease.com	public.servenobid.com
1	pixel.33across.com	public.servenobid.com
1	g2.gumgum.com	public.servenobid.com
1	image6.pubmatic.com	ads.pubmatic.com
1	acdn.adnxs.com	cdn4.buysellads.net
1	contextual.media.net	cdn4.buysellads.net
1	public.servenobid.com	cdn4.buysellads.net
1	mug.criteo.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	fonts.googleapis.com	tpc.googlesyndication.com
1	uuid	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	prebid.media.net	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	mp.4dex.io	cdn4.buysellads.net
1	bidder.criteo.com	cdn4.buysellads.net
1	hbopenbid.pubmatic.com	cdn4.buysellads.net
0	dmp.brand-display.com Failed	ssum-sec.casalemedia.com
0	91.199.118.155.de.pin6.295673402.pixel.archive.md Failed	archive.md
190	94

This site contains links to these domains. Also see Links.

Domain
archive.today

Subject Issuer	Validity	Valid
archive.md R3	`2021-11-09` - `2022-02-07`	3 months	crt.sh
*.buysellads.net Sectigo RSA Domain Validation Secure Server CA	`2021-08-03` - `2022-09-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-24` - `2022-06-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
ads.servenobid.com Amazon	`2021-06-28` - `2022-07-27`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-12` - `2022-05-05`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
public.servenobid.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-22` - `2022-05-22`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-17` - `2022-10-05`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh

This page contains 33 frames:

Primary Page: https://archive.md/hhJwM
Frame ID: C5DA2046C2570D769A5050B7C561DFA1
Requests: 93 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html
Frame ID: 0C62B682DBA9365044BBD0334DE4F153
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9454946816537646&output=html&adk=1812271804&adf=3025194257&lmt=1636816425&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Farchive.md%2FhhJwM&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636816425669&bpp=4&bdt=815&idt=201&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=438868652872&frm=20&pv=2&ga_vid=661111166.1636816425&ga_sid=1636816426&ga_hid=1861197712&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2023808963726945&pem=684&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=224
Frame ID: C015D4199BD89453B7E39A1964CC475F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2C7BDBEFF59FB170D3EAFFFDDAF6D1DD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 734671FA3D1948A24310BBB27C920607
Requests: 2 HTTP requests in this frame

Frame: urn://uuid:e10ca115-d365-8df0-a504-8df0d365e10c
Frame ID: 0D83D06CF6288AD5C4AB3AC69927DE42
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.html
Frame ID: 755C5D88BE0CA534A5C9F55AA5A100AE
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 186E62073490AB9723C47766895F347D
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=archive.md
Frame ID: A3463FEF05FB6D321661E88F3BB31DE2
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1636816425914
Frame ID: C50BBEAC122F2A92DAFE1072713BFA58
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: CEA98E4C2A9A9569F1E10CDA04D6A3B6
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2011%2C3022%2C3020%2C2030%2C273%2C251%2C175%2C2009%2C255%2C178%2C3018%2C2028%2C3017%2C2027%2C236%2C214%2C237%2C2025%2C3014%2C117%2C70%2C97%2C99%2C77%2C38%2C3012%2C3011%2C3010%2C182%2C261%2C141%2C222%2C3007%2C201%2C4%2C301%2C246%2C225%2C203%2C80%2C10000%2C9%2C108&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: C22F6D4C79E1EA60C03EF43080786D9F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Frame ID: E1F84A80CAF21BF9893DA3B3CC2B56BE
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 51385001542D27C1193DF03FDD0BF50E
Requests: 3 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: EB5171D7391CFDEC4DED5613049360D4
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: 718802390F5F78177A131E5B4124D9FF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 7A7B6E46CE4E31710ACB90078D9EA7AC
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: CDF6C54B553FA9608FE725C54297B567
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: D83182F90736EB3D757B90D1969CA669
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F854D849-B6F0-4DE3-9293-F49797D0980A
Frame ID: 57A004F703485E86D27A5A836E8F92D8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5298848956256377212
Frame ID: 823B9A56F79287CCFFED980420B66822
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 86169C17E9A67A482C460ED80E18F57A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 3E3304810931CC0138B53FC985111D0F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=bc278112-f222-45ba-9a4a-207e71f23e0a&t=1639408429
Frame ID: 9E94778FC7A510578A192235EB0B0C11
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: DA5227DBF5EC3858D955EAEFF2D24ED0
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=cc3d618f-d62c-4200-a8f0-c0d3eb13ec1c&gdpr=0&gdpr_consent=
Frame ID: D258AC673396CD10ECBB4A89156FB9C0
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YY-WLQAAAPUhkwBG&gdpr=0&gdpr_consent=&_test=YY-WLQAAAPUhkwBG
Frame ID: 5748D9911C9F2C5726E6626B5EDB0785
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yMzAzYzAwNC05NGJhLTQxMDItYTA2Mi0wNTJhMjYyYTg5NTI=&gdpr=0&gdpr_consent=
Frame ID: C89EB1C62E93DCC5A7623F0BE3B123D6
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: FE24D289DA11B4E33FD3822EAA71ED9C
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: CE28BE6E696250C6802D0ACB84A28035
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YY-WLcCo5tEAAEHGDBkAAAAA
Frame ID: F7F98549B7AC84995CAE159A6E426A80
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=5134455419440117170
Frame ID: 06E37412E029C801C67801EA55A8582F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=cPaP6dDmYorXe0yQTDNh&pi=gumgum&tc=1
Frame ID: 622881A2800B39F0D7C9739E51D25875
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fauci says 3 shots needed for “full vaccination,” while the double-vaxxed will LOSE their vaccine passports – NaturalNews.com

Page Statistics

190
Requests

78 %
HTTPS

21 %
IPv6

67
Domains

94
Subdomains

56
IPs

11
Countries

2399 kB
Transfer

4519 kB
Size

89
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://archive.today/
Title: archive.todaywebpage capture

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 119

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 126

https://gum.criteo.com/sid/json?origin=publishertag&domain=archive.md&sn=ChromeSyncframe&so=0&topUrl=archive.md&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Hbcs7Hw3cFpJanUvOWczWUc4RDNIcm4wbFRFSGRrZzR6U1gxRi8rQzh6ZXJjVUtZV1d3bUdVakNhVGRqNUJKMEZMREllRGZ6TEZqaXVoMlRjdXJjak5nOS9CbXg3MjBtNXdMZmJuMXNnaUh6cGVpanIwdTk5dHVJZDVibFl5OHVqUDJYR0E1MXdleEhpOWIxWUljZWcyaWcwenRkZFBUQTlFdlFLY2szU3RhTzJoZlNMcVpGVXhvMFJjUTR1cjQyMnVJVW8rZzhuamtaUmZ2ZGRjcnlyYlVZMGZZUjRBWHJSd2IybitNT1VjNWViV2lIblpBeUZtYklMc1pYZU93VExCKzFzcVJlMHAvUFdSZ2dncjhRSVpnMnUxQT09fA&cppv=2

Request Chain 138

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Request Chain 139

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=4876386925082413748

Request Chain 140

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1

Request Chain 141

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://ads.servenobid.com/sync?pid=321&uid=OPTOUT

Request Chain 143

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5134455419440117170

Request Chain 145

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=e5db435e-d7ea-4031-8c43-20950b5a39b2&gdpr=0&gdpr_consent=&us_privacy=1YN-

Request Chain 146

https://t.adx.opera.com/pub/sync?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D335%26uid%3D HTTP 302
https://ups.analytics.yahoo.com/ups/58484/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58484/occ?verify=true HTTP 302
https://t.adx.opera.com/sync?vendor=60112&uid=y-47i.JeZE2uH_dEiyn_629ZwyGClr3MMHyCPyNlw-~A HTTP 302
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60124%26uid%3D$UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60124%26uid%3D%24UID HTTP 302
https://t.adx.opera.com/sync?vendor=60124&uid=11033256105798418974 HTTP 302
https://sync.aralego.com/idSync?ucf_nid=par-627D96DE43D94E241EAD99688E72B636&ucf_user_id=585215a4adb0201e&redirect=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fuid%3DUCFUID%26vendor%3D60114 HTTP 302
https://t.adx.opera.com/sync?uid=UCFUID&vendor=60114 HTTP 302
https://ads.servenobid.com/sync?operaUid=5908fc0bf2a34138ba3e51aa2ffe66b2&pid=335&uid=

Request Chain 147

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 149

https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=OPTOUT

Request Chain 150

https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7030073032116140187&gdpr=0&gdpr_consent=

Request Chain 151

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5764881899331980873&gdpr=0&gdpr_consent=

Request Chain 152

https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=9e576311-9bab-4a9e-ab48-8350f2942be0&gdpr=0&gdpr_consent=

Request Chain 153

https://c1.adform.net/serving/cookie/match?party=14&cid=F854D849-B6F0-4DE3-9293-F49797D0980A HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F854D849-B6F0-4DE3-9293-F49797D0980A

Request Chain 154

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5298848956256377212

Request Chain 155

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 156

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-FTYSbbwTeOSk_SXl9CYCg%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 157

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cc3d618f-d62c-4200-a8f0-c0d3eb13ec1c

Request Chain 158

https://pixel.onaudience.com/?partner=214&mapped=F854D849-B6F0-4DE3-9293-F49797D0980A HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=865a12592e1edabab7ede6f59971c427 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=680c7375d4671c7b HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5d909844-73c2-4691-7e88-9eb356a11056&reqId=da1c4c71-a240-46bc-5ed2-f5448b94b9e0&zcluid=680c7375d4671c7b&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEHBsmgTiWXmcGzOKCIRzJVY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5d909844-73c2-4691-7e88-9eb356a11056&reqId=da1c4c71-a240-46bc-5ed2-f5448b94b9e0&zcluid=680c7375d4671c7b&zdid=1332

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjg1NEQ4NDktQjZGMC00REUzLTkyOTMtRjQ5Nzk3RDA5ODBB&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM2Hq6p07DDZckwEwe0QerA&google_cver=1

Request Chain 162

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7787618f-d62c-4100-93b9-baf573fa22e1&gdpr=0&gdpr_consent=

Request Chain 163

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2675393310278944215

Request Chain 164

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=bc278112-f222-45ba-9a4a-207e71f23e0a

Request Chain 165

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4876386925082413748&gdpr=0&gdpr_consent=

Request Chain 166

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F854D849-B6F0-4DE3-9293-F49797D0980A&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F854D849-B6F0-4DE3-9293-F49797D0980A&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-C1u3g7tE2uUpyK6NL1A_XX1x31iyefM-~A&gdpr=0&gdpr_consent=

Request Chain 168

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY_WLY1H7VmFwmavD_OjgQAABIMAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY_WLY1H7VmFwmavD_OjgQAABIMAAAAB&dcc=t

Request Chain 169

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YY-WLY1H7VmFwmavD-OjgQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKLxqrKxRKgXPvxZcngxtvs&google_cver=1&gdpr=1

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YY_WLY1H7VmFwmavD_OjgQAABIMAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI2DNug3UCEzFw_-k7qqDaY&google_cver=1

Request Chain 171

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9fd7618f-d62c-4200-bf98-338bc4901456&gdpr=1&gdpr_consent=

Request Chain 172

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2986191211660045799

Request Chain 176

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=8853291561707285166

Request Chain 177

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_2303c004-94ba-4102-a062-052a262a8952&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_2303c004-94ba-4102-a062-052a262a8952&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=6366cde9-183f-4834-a054-7f940af52a1a&ssp=gumgum2 HTTP 302
https://rtb.gumgum.com/usersync?b=bsw&i=6561a5d6-93f6-41fc-83ce-f90baf8695da

Request Chain 178

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=sta&i=0-4400c6f5-98f5-4f51-523b-94afd25eaefb$ip$91.199.118.155

Request Chain 179

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_2303c004-94ba-4102-a062-052a262a8952&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://stags.bluekai.com/site/23178?id=Nw_ZXo5LWvJ7E3hzgFym&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2TTXL5NFQ3ZVJRLXMSRXIUZWQ6THIZ4W2JTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2TTXL5NFQ3ZVJRLXMSRXIUZWQ6THIZ4W2JTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=Nw_ZXo5LWvJ7E3hzgFym&us_privacy=1---

Request Chain 180

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT

Request Chain 181

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=jA1WDOxurt0E&ev=1&pid=558355

Request Chain 182

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28mNrj_L5C4aqqvedIvQapPEo9affX5CHokh-glClEyD0uFz78mgRFienwyLit3UJu%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28mNrj_L5C4aqqvedIvQapPEo9affX5CHokh-glClEyD0uFz78mgRFienwyLit3UJu%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_2303c004-94ba-4102-a062-052a262a8952&obuid=ENC(mNrj_L5C4aqqvedIvQapPEo9affX5CHokh-glClEyD0uFz78mgRFienwyLit3UJu) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=mNrj_L5C4aqqvedIvQapPEo9affX5CHokh-glClEyD0uFz78mgRFienwyLit3UJu HTTP 302
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=8853291561707285166&obUid=mNrj_L5C4aqqvedIvQapPEo9affX5CHokh-glClEyD0uFz78mgRFienwyLit3UJu

Request Chain 183

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=1ed54fad-da89-4995-b0a4-b928818ea89f

Request Chain 184

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-_9O5FRlE2pe8mgoDYPzdB_rImeB5lENhFyC3~A

Request Chain 185

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=4df47ead-4494-11ec-a962-b5def777d2db

Request Chain 188

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://rtb.gumgum.com/usersync?b=idi&i=98b4ded4-12af-46ea-8c6c-ca8803389735

Request Chain 192

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=ttd&i=bc278112-f222-45ba-9a4a-207e71f23e0a&t=1639408429

Request Chain 193

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 194

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=cc3d618f-d62c-4200-a8f0-c0d3eb13ec1c&gdpr=0&gdpr_consent=

Request Chain 195

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YY-WLQAAAPUhkwBG HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YY-WLQAAAPUhkwBG&gdpr=0&gdpr_consent=&_test=YY-WLQAAAPUhkwBG

Request Chain 199

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YY-WLcCo5tEAAEHGDBkAAAAA

Request Chain 200

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=5134455419440117170

Request Chain 201

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=cPaP6dDmYorXe0yQTDNh&pi=gumgum&tc=1

190 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request hhJwM Show response
archive.md/ 816 KB
108 KB 1964ms
1890ms Document
text/html 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to

Full URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 2face8b4fcda787d69d7e7fd2f3a6a913e5281d40161348dd64b30a15a1760d7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Sat, 13 Nov 2021 15:13:44 GMT
content-type: text/html;charset=utf-8
cache-control: maxage=300
expires: Sat, 13 Nov 2021 15:18:44 GMT
memento-datetime: Wed, 22 Sep 2021 18:56:04 GMT
link: <https://www.naturalnews.com/2021-09-22-fauci-three-shots-full-vaccination-passports.html>; rel="original", <http://archive.md/timegate/https://www.naturalnews.com/2021-09-22-fauci-three-shots-full-vaccination-passports.html>; rel="timegate", <http://archive.md/timemap/https://www.naturalnews.com/2021-09-22-fauci-three-shots-full-vaccination-passports.html>; rel="timemap"; type="application/link-format"; from="Wed, 22 Sep 2021 18:56:04 GMT"; until="Wed, 22 Sep 2021 18:56:04 GMT", <http://archive.md/20210922185604/https://www.naturalnews.com/2021-09-22-fauci-three-shots-full-vaccination-passports.html>; rel="first last memento"; datetime="Wed, 22 Sep 2021 18:56:04 GMT"
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Language
x-identity: 91.199.118.155
x-real-ip: 91.199.118.155
x-hosting: 1
x-ratelimit-remaining: 14
x-mh-cache: MISS pin6
accept-ranges: bytes

GET
H2 200 archiveis.js Show response
cdn4.buysellads.net/pub/ 565 KB
202 KB 35ms
8ms Script
application/javascript 94.31.29.32
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/archiveis.js?1636816200000
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 66197060c2bc8edf7fc6f24ce19f6f4075a9317f55f5842851bbead9ff373efd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:44 GMT
content-encoding: gzip
last-modified: Sat, 13 Nov 2021 14:57:24 GMT
server: NetDNA-cache/2.2
x-amz-request-id: RMBQQT9MX5B64JK4
etag: W/"8513cd4b361dc132eea3d05451ef1d9f"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31104000
x-amz-id-2: WsRy5lVexZNHtOYz0c6RuIkJmA+DyiBx27wUQvcL5Z9fUTeNbvBf5+PHie12iJDWoVxRaLg34Tk=
expires: Tue, 08 Nov 2022 15:13:44 GMT

GET
DATA 200
OK truncated
/ 783 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8591deeed80ff2f6b240bd53ae0186fb91f99227172ce770627185f23c155273

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 942 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44ad17dd9f7575456243736c32b3c59a8c5373aba00473c81c701582e9ccea20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afb7cbbcc5527f3174605e97940c1dcbd8b759835a37289434c805f1630abdfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f54b65e5ef7387b69c8643b7cfda86eb03233e32b5c4ea8dae28aa6775acde34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 858 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0bcda4d3e86c2bca85fc89dd3990e7f3b2272f0e20e7e03d60384a4c4103145

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 661 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea1ee744cf754d825e98c15e110488d990b780b2a21cb8aa22c227ba0282a99d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 863 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9f868ec412dfe33d60af6f3026ebc9ecdf2c332355b51eb99f459191824b280

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 633 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc01c795cec83dae195f75b6acc204f19025882ed82438255cbb533fe3c2bc67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 593 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca6417e35a032113b99da30054ccc27db57a006831078a48a4a78440fd0052bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 820 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 601e8630cf738da5b6b4324edf5ea5d9deba117fdfc901252d9b66387cca8d56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 662 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 654d6cbb0b69f6645467007383502c4ed3ea983672296f175ee22d2b425b4f8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 935 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cbeb82560bf125d7d14daf8191bdc4c665724cd571f74ebb47f2b3db482add9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 709 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cdf461ea92a075ca567edf8798d3c9e417c4ec08970b508972e5b6f794f256d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 938 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7640ef31af160f781c9d324ab6b6fb8048fe1f27ec3a251433c610f764104213

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 d5113a06073472d934d4f579441d39314a99d873.jpg
archive.md/hhJwM/ 47 KB
47 KB 135ms
134ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/d5113a06073472d934d4f579441d39314a99d873.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 9c322f1509cc88439bd8d188ab48d2d6d6cf5de7ce41981d16c1e113ac2b80b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: d5113a0-6073-472d934d
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 47655
x-real-ip: 91.199.118.155

GET
H2 200 ff42e4b46b1185cdc4d5b1144ea76c417fbdf7a9.svg
archive.md/hhJwM/ 32 KB
10 KB 136ms
135ms Image
image/svg+xml 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/ff42e4b46b1185cdc4d5b1144ea76c417fbdf7a9.svg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: a75eb4d330d0ebbd230003ec14c9b94c5eb8520456dce5f16a8ffb86fd22268c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
vary: Accept-Encoding
x-mh-cache: MISS pin6
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
x-real-ip: 91.199.118.155

GET
H2 200 6f2076aecd75de97c3127387c07968cd173dca49.svg
archive.md/hhJwM/ 4 KB
2 KB 90ms
90ms Image
image/svg+xml 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/6f2076aecd75de97c3127387c07968cd173dca49.svg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: dee98a943c855056022f9175848c4f3abc659b6b104862236d25536c74cde0c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
vary: Accept-Encoding
x-mh-cache: MISS pin6
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
x-real-ip: 91.199.118.155

GET
DATA 200
OK truncated
/ 975 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af7b6948153e403d74bc9d6ff890a70bc81f956901be39ef0f2ec4f71fb97066

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 0edc102e6daaadf7187c9feeecd358b889f78d1f.png
archive.md/hhJwM/ 1 KB
1 KB 558ms
557ms Image
image/png 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/0edc102e6daaadf7187c9feeecd358b889f78d1f.png
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 0ff42fd75f8f165a9ad7d8e2a7bf04bf49064041b4d3e35f2f9c702b1f0592a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Wed, 22 Sep 2021 18:57:24 GMT
server: nginx
etag: 0edc102-e6da-aadf7187
x-mh-cache: MISS pin6
content-type: image/png
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 1034
x-real-ip: 91.199.118.155

GET
H2 200 c82e22dde9716c40ba20e6c7ed03a1b66556de15.woff2
archive.md/hhJwM/ 23 KB
23 KB 38ms
38ms Font
application/font-woff2 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to

Full URL: https://archive.md/hhJwM/c82e22dde9716c40ba20e6c7ed03a1b66556de15.woff2
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Request headers

Referer: https://archive.md/hhJwM
Origin: https://archive.md
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:44 GMT
last-modified: Tue, 13 Jul 2021 16:34:42 GMT
server: nginx
etag: c82e22d-de97-16c40ba2
x-mh-cache: HIT 2 pin6
content-type: application/font-woff2
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:08:57 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 23484
x-real-ip: 91.199.118.155

GET
H2 200 8c65d3b85a37264f4378e61cbf37ebad1adc02fb.woff2
archive.md/hhJwM/ 15 KB
16 KB 38ms
38ms Font
application/font-woff2 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to

Full URL: https://archive.md/hhJwM/8c65d3b85a37264f4378e61cbf37ebad1adc02fb.woff2
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Request headers

Referer: https://archive.md/hhJwM
Origin: https://archive.md
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:44 GMT
last-modified: Fri, 01 Oct 2021 06:12:17 GMT
server: nginx
etag: 8c65d3b-85a3-7264f437
x-mh-cache: HIT 4 pin6
content-type: application/font-woff2
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 15:56:01 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 15640
x-real-ip: 91.199.118.155

GET
H2 200 4977596e07d274bd9332855235da83af5236b54f.png
archive.md/hhJwM/ 26 KB
27 KB 134ms
133ms Image
image/png 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/4977596e07d274bd9332855235da83af5236b54f.png
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: d9f4df9989372c052ac983e82ef89e55a82607a87404449210e5859912221112

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Mon, 18 Oct 2021 04:55:14 GMT
server: nginx
etag: 4977596-e07d-274bd933
x-mh-cache: MISS pin6
content-type: image/png
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 26949
x-real-ip: 91.199.118.155

GET
H2 200 c99fcb09c102080e8809d5cf21d21f626454e0ff.svg
archive.md/hhJwM/ 1 KB
1 KB 87ms
86ms Image
image/svg+xml 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/c99fcb09c102080e8809d5cf21d21f626454e0ff.svg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: ad2ad26a786b69e2a2e9a3d7fbd4dea09913be2990b40f0678225c1cfbe38baa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
vary: Accept-Encoding
x-mh-cache: MISS pin6
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
x-real-ip: 91.199.118.155

GET
H2 200 9bdc7160d9a414f052274a3e552da7ebd2d54ebc.jpg
archive.md/hhJwM/ 214 KB
215 KB 408ms
408ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/9bdc7160d9a414f052274a3e552da7ebd2d54ebc.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 497657a7cac62efb984441fcd253b19e2c81db3c6aca5ce40f48afc1a58b815c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Wed, 22 Sep 2021 18:57:24 GMT
server: nginx
etag: 9bdc716-0d9a-414f0522
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 219158
x-real-ip: 91.199.118.155

GET
H2 200 5d17176211b3eb108fc7d6a92612a6307e493d3c.jpg
archive.md/hhJwM/ 63 KB
63 KB 426ms
425ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/5d17176211b3eb108fc7d6a92612a6307e493d3c.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 1201e386b896efdef9108ef40d2a52d198ffa273aeb70ef1ba077ea65983c3df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Wed, 22 Sep 2021 18:57:24 GMT
server: nginx
etag: 5d17176-211b-3eb108fc
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 64273
x-real-ip: 91.199.118.155

GET
H2 200 8a49976f2470ba2a1db6144245355d3b889312e4.woff2
archive.md/hhJwM/ 22 KB
23 KB 36ms
36ms Font
application/font-woff2 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to

Full URL: https://archive.md/hhJwM/8a49976f2470ba2a1db6144245355d3b889312e4.woff2
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Request headers

Referer: https://archive.md/hhJwM
Origin: https://archive.md
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Sun, 26 Sep 2021 11:32:32 GMT
server: nginx
etag: 8a49976-f247-0ba2a1db
x-mh-cache: HIT 1 pin6
content-type: application/font-woff2
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:11:16 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 22992
x-real-ip: 91.199.118.155

GET
H2 200 9320aab01501e506f6fb5c1942b223f384520363.jpg
archive.md/hhJwM/ 169 KB
169 KB 401ms
400ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/9320aab01501e506f6fb5c1942b223f384520363.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 8e21a6fbb3e4a85fcfa1129061c5e496d7936ad07e5b3fe0666c1e6fcdc134c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Wed, 22 Sep 2021 18:57:24 GMT
server: nginx
etag: 9320aab-0150-1e506f6f
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 172654
x-real-ip: 91.199.118.155

GET
H2 200 1f69ebaf4986036f222c6261eed46fc1610426a7.gif
archive.md/hhJwM/ 12 KB
12 KB 86ms
86ms Image
image/gif 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/1f69ebaf4986036f222c6261eed46fc1610426a7.gif
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: d1bfcdd641bc7ea7d3f498da18eb229eb6a7e72549f8590a5ed77afb50469f9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Mon, 18 Oct 2021 04:55:14 GMT
server: nginx
etag: 1f69eba-f498-6036f222
x-mh-cache: MISS pin6
content-type: image/gif
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 12417
x-real-ip: 91.199.118.155

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 38ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/archiveis.js?1636816200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4e901ab20acae758e69d84ff6cf957eae164db569aba01bc84704eceaedd13d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1042 / 38 of 1000 / last-modified: 1636758328"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: clear
content-length: 26741
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 13 Nov 2021 15:13:45 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
371 B 226ms
226ms Image
image/gif 94.31.29.32
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=2.712384888496861
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: FQ9XJ5NNR2F5R9MM
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: QvO+Qmt4Di+O0POLDg8+MokKQNYK1Jrnwic+EF6oVQs+ig1PV7+BdW6SB6Am74wYB6WDJwxPVq8=
expires: Tue, 08 Nov 2022 15:13:45 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
369 B 215ms
215ms Image
image/gif 94.31.29.32
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=2.712384888496861
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: FQ9NE97GDS3K1C3H
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: MnobXR/lMCxpuZVXjvw2xjsAdwPtfGZ4ayHOsXvp57U6UzTumQlOhcPUDz+dPuGU0ixGgBabPBI=
expires: Tue, 08 Nov 2022 15:13:45 GMT

GET
H2 200 046adee74e5ce76db11491906a21c09399391571.woff2
archive.md/hhJwM/ 8 KB
8 KB 36ms
36ms Font
application/font-woff2 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to

Full URL: https://archive.md/hhJwM/046adee74e5ce76db11491906a21c09399391571.woff2
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Request headers

Referer: https://archive.md/hhJwM
Origin: https://archive.md
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Sun, 31 Oct 2021 06:18:48 GMT
server: nginx
etag: 046adee-74e5-ce76db11
x-mh-cache: HIT 4 pin6
content-type: application/font-woff2
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 15:44:43 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 7900
x-real-ip: 91.199.118.155

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 87669f231ce245cdd9b7d80ebf8194e2ae62e7b1.svg
archive.md/vl0c6/ 13 KB
5 KB 36ms
36ms Image
image/svg+xml 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/vl0c6/87669f231ce245cdd9b7d80ebf8194e2ae62e7b1.svg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 04:32:07 GMT
server: nginx
vary: Accept-Encoding
x-mh-cache: HIT 4 pin6
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 15:44:43 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
x-real-ip: 91.199.118.155

GET
H2 200 pubads_impl_2021110901.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 45ms
23ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 118212
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 09:34:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 13 Nov 2021 15:13:45 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 60 B
576 B 36ms
16ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=archive.md

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a2e3082adef49efa3b0a76790302f4b1438171ea3b770020d714498f3ade063b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: clear
content-length: 65
x-xss-protection: 0
expires: Sat, 13 Nov 2021 15:13:45 GMT

GET
H2 200 36b868023530d3bc3b172deaa3bfbdce366ea10b.png
archive.md/hhJwM/ 2 KB
2 KB 85ms
85ms Image
image/png 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/36b868023530d3bc3b172deaa3bfbdce366ea10b.png
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Sun, 29 Aug 2021 03:53:41 GMT
server: nginx
etag: 36b8680-2353-0d3bc3b1
x-mh-cache: MISS pin6
content-type: image/png
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 1862
x-real-ip: 91.199.118.155

GET
H2 200 6d992dbb103a16949f438c3e08243c5d137edb72.jpg
archive.md/hhJwM/ 44 KB
44 KB 90ms
89ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/6d992dbb103a16949f438c3e08243c5d137edb72.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 007e751a8c84da12dd1a06d4d9584db3bbc7a33580e0ec16179128c1e13c08b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: 6d992db-b103-a16949f4
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 45085
x-real-ip: 91.199.118.155

GET
H2 200 27453da62e48c8fa79ec9d6ff6c4aa0513aef516.jpg
archive.md/hhJwM/ 13 KB
13 KB 88ms
87ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/27453da62e48c8fa79ec9d6ff6c4aa0513aef516.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: d22c0b01cb635070d2aef3f9f3343b4e5dc405654232a56bb677623152669b0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: 27453da-62e4-8c8fa79e
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 13049
x-real-ip: 91.199.118.155

GET
H2 200 303b751f05146619e4b2e8cdc6ccc87731c8a501.jpg
archive.md/hhJwM/ 16 KB
16 KB 92ms
90ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/303b751f05146619e4b2e8cdc6ccc87731c8a501.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: a88ad69a6fc0fc3ccf761b2036d46b42541bb3540b8baeacdce77eff11f024f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: 303b751-f051-46619e4b
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 16134
x-real-ip: 91.199.118.155

GET
H2 200 6308f6f8f53cd00dfb97f72cbe7f83ca7497bb58.jpg
archive.md/hhJwM/ 10 KB
11 KB 96ms
94ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/6308f6f8f53cd00dfb97f72cbe7f83ca7497bb58.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: bf23fbb33279d6fa909a75a83eb3b673808bce6e515003779811d78195a54052

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: 6308f6f-8f53-cd00dfb9
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 10634
x-real-ip: 91.199.118.155

GET
H2 200 14b0fc3fa70ecd14329f3bce72c2cf297f8110c7.jpg
archive.md/hhJwM/ 19 KB
20 KB 94ms
92ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/14b0fc3fa70ecd14329f3bce72c2cf297f8110c7.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: dd78fae03a33386adcad971fee9eabba162a506dd32d893be32f40c1c1c0943f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: 14b0fc3-fa70-ecd14329
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 19642
x-real-ip: 91.199.118.155

GET
H2 200 b2312300126a488c1a18fffa4a780d048cacc6f9.jpg
archive.md/hhJwM/ 25 KB
25 KB 95ms
93ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/b2312300126a488c1a18fffa4a780d048cacc6f9.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: d95a637fa3fdb849be70753afbdebc7437f00ba1dd70b4e2e6c5bc7b80fd9014

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: b231230-0126-a488c1a1
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 25576
x-real-ip: 91.199.118.155

GET
H2 200 69c1803e3f7c56cf03f297d2f1e08872dfc25e1e.jpg
archive.md/hhJwM/ 9 KB
9 KB 97ms
95ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/69c1803e3f7c56cf03f297d2f1e08872dfc25e1e.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 62996bc7684e6e0e9c3276dd31be43018bf4988f790dccf3b8b560a0e3bb9fb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: 69c1803-e3f7-c56cf03f
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 8888
x-real-ip: 91.199.118.155

GET
H2 200 2cdcd39ea1450191dc2695b0e020adffbe158fd1.jpg
archive.md/hhJwM/ 29 KB
30 KB 160ms
158ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/2cdcd39ea1450191dc2695b0e020adffbe158fd1.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 7d81272fb54869b75749212480c2f9b25e3d4de69191a03fd3920bdf9bc07123

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Mon, 18 Oct 2021 04:55:14 GMT
server: nginx
etag: 2cdcd39-ea14-50191dc2
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 30146
x-real-ip: 91.199.118.155

GET
H2 200 b80fa82f5d8d47099e01f34b041ad8046eadd5a5.jpg
archive.md/hhJwM/ 114 KB
115 KB 187ms
186ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/b80fa82f5d8d47099e01f34b041ad8046eadd5a5.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 50e97ad557129033ec1aec0ba02350297e2dee07a2a836e785b6033613f4d615

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Wed, 22 Sep 2021 18:57:24 GMT
server: nginx
etag: b80fa82-f5d8-d47099e0
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 116949
x-real-ip: 91.199.118.155

GET
H2 200 418bbffe3df679d783b9218ac5863b578cd33ac4.jpg
archive.md/hhJwM/ 27 KB
27 KB 120ms
118ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/418bbffe3df679d783b9218ac5863b578cd33ac4.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 87508ca62e6a3cc9faf276f22afad75862db1f2bebf53dddcb6ca992f8ed7ce3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Wed, 22 Sep 2021 18:57:24 GMT
server: nginx
etag: 418bbff-e3df-679d783b
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 27213
x-real-ip: 91.199.118.155

GET
H2 200 bbba75711bb52153ec4965ecaa753b18459e5b79.jpg
archive.md/hhJwM/ 26 KB
26 KB 193ms
191ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/bbba75711bb52153ec4965ecaa753b18459e5b79.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 640bb3a95a370ddf0166fc369a44b63363a2174d1838350118ffe0ecb7000b1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: bbba757-11bb-52153ec4
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 26606
x-real-ip: 91.199.118.155

GET
H2 200 4a1720b630542bc04f2539a49defc213b983cde8.jpg
archive.md/hhJwM/ 21 KB
22 KB 251ms
250ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/4a1720b630542bc04f2539a49defc213b983cde8.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 18effc3e1d7d2666081661e5cdb15fb6827743fe7614020981957a583b43b277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Sun, 07 Nov 2021 05:41:48 GMT
server: nginx
etag: 4a1720b-6305-42bc04f2
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 22009
x-real-ip: 91.199.118.155

GET
H2 200 ee726cf0666d560ba97a70e0f75196f7f585de2b.jpg
archive.md/hhJwM/ 27 KB
28 KB 215ms
215ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/ee726cf0666d560ba97a70e0f75196f7f585de2b.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ce10febc8ec99c731c214836bc3effb8e684b481dfa57347510d4ef1f47fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: ee726cf-0666-d560ba97
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 28096
x-real-ip: 91.199.118.155

GET x.gif
91.199.118.155.de.pin6.295673402.pixel.archive.md/ 0
0

GET
H2 200 418aca8b2dafb1ed3bd49847159f94d64c95c900.jpg
archive.md/hhJwM/ 83 KB
84 KB 190ms
189ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/418aca8b2dafb1ed3bd49847159f94d64c95c900.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: a2359f45facc7fc10aec799a6822bf24a9ccb2f27c7bbb0c7c9471d5437987cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Wed, 22 Sep 2021 18:57:24 GMT
server: nginx
etag: 418aca8-b2da-fb1ed3bd
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 85286
x-real-ip: 91.199.118.155

GET
H2 200 e6fdacfccd265daed6c529be89ef1d831215c956.jpg
archive.md/hhJwM/ 8 KB
9 KB 84ms
84ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/e6fdacfccd265daed6c529be89ef1d831215c956.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 63813c7b8b580e0e90bd289c8f33a5d4fb3109b6213ebed12b6620bfb5c71f6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: e6fdacf-ccd2-65daed6c
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 8465
x-real-ip: 91.199.118.155

GET
H2 200 7d4092b311831ce08567e3eb7c6f70fa9b9b1065.jpg
archive.md/hhJwM/ 5 KB
5 KB 175ms
173ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/7d4092b311831ce08567e3eb7c6f70fa9b9b1065.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 0dbaf969fd6f68c6f8d99e39c929aabe7d3990a694648bb04ff75c6854d1ba98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: 7d4092b-3118-31ce0856
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 5030
x-real-ip: 91.199.118.155

GET
H2 200 fda07aff9f759897002043831c59a5d7660ff4af.jpg
archive.md/hhJwM/ 5 KB
5 KB 186ms
185ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/fda07aff9f759897002043831c59a5d7660ff4af.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: c1bf5da6eb2aae44484a9f1f8e1dae3ffc8014a0fe755cb9c8f410a4ee31f363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: fda07af-f9f7-59897002
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 5264
x-real-ip: 91.199.118.155

GET
H2 200 2edb1933f625cf44eebc797b00bc588ba1d8ca20.jpg
archive.md/hhJwM/ 8 KB
9 KB 260ms
258ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/2edb1933f625cf44eebc797b00bc588ba1d8ca20.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 8058607837da5274be69ccf94da48f53295e5d8cb0e3edc280a2afb9cbe86135

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: 2edb193-3f62-5cf44eeb
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 8483
x-real-ip: 91.199.118.155

GET
H2 200 47b7db110460e6eec91e3e11295447f3ca9a9823.jpg
archive.md/hhJwM/ 7 KB
7 KB 186ms
185ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/47b7db110460e6eec91e3e11295447f3ca9a9823.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 2827ed06dc68c3072061b21b8132328e59534ee20468a5d2c5a217fae9fd6638

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: 47b7db1-1046-0e6eec91
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 6877
x-real-ip: 91.199.118.155

GET
H2 200 96afda45a78fa288440b8e80fbe0602d05228009.jpg
archive.md/hhJwM/ 10 KB
10 KB 261ms
260ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/96afda45a78fa288440b8e80fbe0602d05228009.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: c8f5733c67f5b9c49cbc0211b9e6bdb24bf367e2680e93eea22d7e481c2a56a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: 96afda4-5a78-fa288440
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 10324
x-real-ip: 91.199.118.155

GET
H2 200 8adf48b92f4261c1d6ab9d268cb7acf5885f2c0c.jpg
archive.md/hhJwM/ 9 KB
9 KB 260ms
259ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/8adf48b92f4261c1d6ab9d268cb7acf5885f2c0c.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: ee507937a0411746f520226b235dc1d9d11408cfcae1ff5d8b3a4e78a44c611b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: 8adf48b-92f4-261c1d6a
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 9348
x-real-ip: 91.199.118.155

GET
H2 200 9f3c8b5973e25b14fd459d704d5c6ee4c78adf00.jpg
archive.md/hhJwM/ 11 KB
11 KB 240ms
239ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/9f3c8b5973e25b14fd459d704d5c6ee4c78adf00.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 26c759badd0513d9404e6b8820d36253e8622bef516c6f8c2a9e36172bfb4a97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: 9f3c8b5-973e-25b14fd4
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 10770
x-real-ip: 91.199.118.155

GET
H2 200 24259e8df04d1d07672b2e1a7e7b1992af764c1b.jpg
archive.md/hhJwM/ 11 KB
11 KB 185ms
184ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/24259e8df04d1d07672b2e1a7e7b1992af764c1b.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: ee601353c271483d5f127e2684fa98b9858b695caf1b98ceef4a6daf55e5dfec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: 24259e8-df04-d1d07672
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 10821
x-real-ip: 91.199.118.155

GET
H2 200 31cd0caf061a073f69d2fd60c559e3562a14fde4.jpg
archive.md/hhJwM/ 5 KB
5 KB 186ms
185ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/31cd0caf061a073f69d2fd60c559e3562a14fde4.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: cabc9ebc40d02fd917fa50fc4309d159fd6a0db1d191db1204499fe796b9df1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: 31cd0ca-f061-a073f69d
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 5230
x-real-ip: 91.199.118.155

GET
H2 200 e6a0cfb1de4eea7ee229c0db0c0b0a0d09f3de7a.jpg
archive.md/hhJwM/ 7 KB
7 KB 186ms
185ms Image
image/jpeg 5.188.88.193
PINVDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.md/hhJwM/e6a0cfb1de4eea7ee229c0db0c0b0a0d09f3de7a.jpg
Requested by: Host: archive.md
URL: https://archive.md/hhJwM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.88.193 , Russian Federation, ASN41909 (PINVDS, EE),
Reverse DNS
Software: nginx /
Resource Hash: 34404bb3a946a7996e6d791d22c50a538f23e365cb1c8e8cc85d9783ace86b42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/hhJwM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-hosting: 1
date: Sat, 13 Nov 2021 15:13:45 GMT
last-modified: Tue, 21 Sep 2021 11:15:14 GMT
server: nginx
etag: e6a0cfb-1de4-eea7ee22
x-mh-cache: MISS pin6
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 16:13:45 GMT
cache-control: maxage=3600
x-identity: 91.199.118.155
accept-ranges: bytes
content-length: 6977
x-real-ip: 91.199.118.155

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 25 KB
11 KB 247ms
114ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: archive.md
URL: https://archive.md/hhJwM

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Thu, 15 Jul 2021 18:35:46 GMT
server: nginx
etag: W/"60f08002-64db"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *
expires: Sat, 13 Nov 2021 16:13:45 GMT

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
996 B 61ms
61ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2825109;u=https%3A//archive.md/hhJwM;st=1636816425260;title=Fauci%20says%203%20shots%20needed%20for%20%E2%80%9Cfull%20vaccination%2C%E2%80%9D%20while%20the%20double-vaxxed%20will%20LOSE%20their%20vaccine%20passports%20%E2%80%93%20NaturalNews.com;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=e0e10a5200884e82;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.4//4g/0/0/;lvid=1636816425532%3A1636816425565%3A1%3Adb66c86bd25453336456ea90d4c49147;visible=true;_=0.14660171259264065

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://archive.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 13 Nov 2021 15:13:45 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://archive.md
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://archive.md
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://archive.md
access-control-allow-headers: *

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 64ms
42ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/archiveis.js?1636816200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1ff13e9dac8f8b478d1484079b1e089b8867777937f85818f3a8c3bfa45f41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 51380
x-xss-protection: 0
server: cafe
etag: 18259977267735638575
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 15:13:45 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
972 B 36ms
16ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/archiveis.js?1636816200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29816
content-type: application/javascript
x-amz-request-id: txfb885b5eaead480dbfa2f-00617b9d6a
x-amz-id-2: txfb885b5eaead480dbfa2f-00617b9d6a
last-modified: Tue, 26 Oct 2021 12:44:38 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4S4BgypZpNc8EOGmZkMvrNTP%2BIjgM2Iq7cj7UmczigTnTS8GhEIhqpLnY%2FDs9LXPw1lDW6hKVIVE4drFjwNUnX6Nr2yHDJPzjEQK%2FVjy1RipT5Fy%2BO4IGTNT%2FheNlZ3iOa16mk9LheNppMB"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1635252278092292
cache-control: public, max-age=1800
cf-ray: 6ad8f2241a415b74-FRA
expires: Sat, 13 Nov 2021 15:43:45 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
366 B 287ms
35ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/archiveis.js?1636816200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://archive.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://archive.md
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
112 B 319ms
71ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/archiveis.js?1636816200000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://archive.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://archive.md
date: Sat, 13 Nov 2021 15:13:44 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
183 B 262ms
14ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=71629376333
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/archiveis.js?1636816200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://archive.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://archive.md
date: Sat, 13 Nov 2021 15:13:45 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 200 prebid Show response
mp.4dex.io/ 99 B
475 B 298ms
62ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mp.4dex.io/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/archiveis.js?1636816200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c54b21ff24f65ba1228b3df5080c86accaa5bb3913b6894b2cd589caf13164db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://archive.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-warn: Selecting bids. No selected bids
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://archive.md
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=63072000
cf-ray: 6ad8f2258bd64e50-FRA
server: cloudflare
expires: 0

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 358 B
704 B 323ms
78ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Farchive.md%2FhhJwM&CanonicalUrl=https%3A%2F%2Farchive.md%2F2021.09.22-185604%2Fhttps%3A%2F%2Fwww.naturalnews.com%2F2021-09-22-fauci-three-shots-full-vaccination-passports.html&PublisherDomain=https%3A%2F%2Farchive.md

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/archiveis.js?1636816200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

3889ae685af7cc08c4a1f5765c7324942bb1f2d3dc89eb88c70947daa730d9fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://archive.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:45 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://archive.md
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 62
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 358
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
694 B 259ms
18ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/archiveis.js?1636816200000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://archive.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 15:13:45 GMT
X-Proxy-Origin: 91.199.118.155; 91.199.118.155; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 54de8cdd-e12e-455b-90cf-cfcb81ca2625
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://archive.md
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 285 B
520 B 314ms
74ms XHR
application/json 52.211.147.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=8985
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/archiveis.js?1636816200000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.147.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-147-79.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2b8a019c566a194e76e9bb7eed737c34692f5b0c84d7764a1433cd9fb41c3d9d

Request headers

Referer: https://archive.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://archive.md
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
797 B 352ms
113ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/archiveis.js?1636816200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 14c4aaa914e72805a884790e1731c43c1d5295f6f3c5ba49886f790685116407

Request headers

Referer: https://archive.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://archive.md
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
22 KB 35ms
20ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2272246
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txdbdf789a865040759639d-00616d2a20
x-amz-id-2: txdbdf789a865040759639d-00616d2a20
last-modified: Mon, 18 Oct 2021 08:01:50 GMT
server: cloudflare
etag: W/"cae476c264f28e37aca638d685ba55b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQBDORDtzKLv%2F7K341ghpjOsL%2Bq61C4vuSTVriMxAjSpiJnBLU45En2IuL2tyvoHJgb2tcFyw2HEImr%2BxOij6iivWhHjVqwTQszMOMv2GpDxYkX1Yxj8gbW3hqITz8%2BAYfUx2Qy%2BgyAfCyVS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1634544110326910
cf-ray: 6ad8f2245fa44a98-FRA
access-control-allow-headers: Authorization

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ 267 KB
96 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9454946816537646&plah=archive.md

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2d3e62be49a950029e24adea571c09bb20f4e208df3ba0e6f18ee613446f466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 98309
x-xss-protection: 0
server: cafe
etag: 13474340241825499027
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 15:13:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/ Frame 0C62 11 KB
5 KB 36ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 13 Nov 2021 13:38:57 GMT
expires: Sat, 27 Nov 2021 13:38:57 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 5688
cache-control: public, max-age=1209600
alt-svc: clear

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
405 B 15ms
14ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=archive.md&callback=_gfp_s_&client=ca-pub-9454946816537646

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9454946816537646&plah=archive.md

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e0dbfd9b406f997ebd46b3e29bab17dca9003680d679fdf76513ca60670e3eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: clear
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
424 B 38ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=archive.md

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
424 B 43ms
22ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=archive.md

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C015 603 B
221 B 39ms
38ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9454946816537646&output=html&adk=1812271804&adf=3025194257&lmt=1636816425&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Farchive.md%2FhhJwM&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636816425669&bpp=4&bdt=815&idt=201&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=438868652872&frm=20&pv=2&ga_vid=661111166.1636816425&ga_sid=1636816426&ga_hid=1861197712&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2023808963726945&pem=684&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=224

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 13 Nov 2021 15:13:45 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: clear

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
907 B 61ms
61ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2825109;u=https%3A//archive.md/hhJwM;st=1636816425260;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=e0e10a5200884e82;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1636816422886/////0/1/1/1/76/7/76/1965/2106/1968/2374/2374/2374/3060/3060/;ni=9.4//4g/0/0/;lvid=1636816425532%3A1636816425947%3A2%3Adb66c86bd25453336456ea90d4c49147;visible=true;_=0.03936765549003396;e=RT/load;et=1636816425946

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://archive.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 13 Nov 2021 15:13:45 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://archive.md
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://archive.md
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://archive.md
access-control-allow-headers: *

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 41ms
21ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211109&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44378d4ab3facc1984d5a23816a7c8c4fee1e7ecc0918fec19421a39985d4227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: clear
content-length: 9174
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
424 B 37ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=archive.md

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 15:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=archive.md

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 15:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 ads
securepubads.g.doubleclick.net/gampad/ 0
36 KB 370ms
370ms Other
application/webbundle 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2023808963726945&correlator=3672951002363020&output=wbn&wbsu=3ad76319-c180-4960-baa3-3396332a4958&callback=googletag.wbn1&impl=fifs&eid=44754276%2C31060545%2C31062324&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211113&iu_parts=8691100%2CArchive_S2S_Leaderboard_ROS_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=optimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1615308762534-0_123456%26optimize_inview%3Dfalse&eri=5&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dlifestyle%26optimize_env%3Dprod%26optimize_pub%3Darchiveis&cookie=ID%3D780c75fe31724fd1-220816a655cb0097%3AT%3D1636816425%3ART%3D1636816425%3AS%3DALNI_MaqonIdKRQ9I25HKW0hA56Jewe1cw&bc=31&abxe=1&dt=1636816425978&dlt=1636816424854&idt=416&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=111&adks=3875506806&ucis=1&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Farchive.md%2FhhJwM&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x6953&msz=1600x20&ga_vid=661111166.1636816425&ga_sid=1636816426&ga_hid=1861197712&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 35886
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: application/webbundle
access-control-allow-origin: https://archive.md
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
URN 200
OK uuid:3ad76319-c180-4960-baa3-3396332a4958 Show response
/ 530 B
656 B 373ms
373ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

urn:uuid:3ad76319-c180-4960-baa3-3396332a4958

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

URN

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

97a875da6997754b6f65c2c95409e082e3b32bec03b6ac3e44e98cbb28c65e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 47ms
26ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: clear
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 13 Nov 2021 15:13:46 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2C7B 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 13 Nov 2021 14:38:18 GMT
expires: Sun, 13 Nov 2022 14:38:18 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2128
alt-svc: clear

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7346 783 B
1 KB 39ms
17ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

259f5e7f56e5f41dc5b994ce3745ab85ba7dc41237f101128cd832350ba15a65

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mJ5vlAE/qy9Z3kg7cFophg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 13 Nov 2021 15:13:46 GMT
date: Sat, 13 Nov 2021 15:13:46 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-mJ5vlAE/qy9Z3kg7cFophg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: clear

GET
H2 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C7B 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:25:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 06:25:17 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7346 0
0 44ms
44ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211109&jk=2023808963726945&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 42ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211109&jk=2023808963726945&bg=!YWKlYibNAAZQLpa_UC47ACkAdvg8WvfCBX3O6jmIx-70os7J6exbt1Zm0kZNk4wr5xivTRcPenFmkQIAAABkUgAAAAhoAQeZAqpDhXXQ9o9o82PYQkshdPpt8LfyXSwfkFFKySc4qQiEkG1dqsscPhXFnWpyaSZa9wxq-f8Vc7ER9Uwotqi1RdEiTRHKXn5wbaPQ4TSI6Agx-OIjjzHaxlc2Ewi-YHcuceHrHShPB_2RBzPL_Xae5gvq4lUpfNrytdl0RmYOObS65PNe3sVg8EppS9UdboDcyV4hl4QUPUNPC3Rs-C5_50QAOubOOAHnvL4wEc5a1MH9yLUR-7CIaY_3QXCwVWtZSDWrMyqFw8OKAC5rV5aVcJooxCWzj4b_MIp1dsg_iEIJDX48g4nGzhXVciBZ6CvxROQ7oSRUoCzTqXoBo-U0ajjJ-p4sOf_1rnwF4OQ1IaNJh705-nTk-BwR_1BK1oghvaN7orvkPJIPTS-9TyFjZFf2JOKh3Fn5EvoHMpLPXTkR5R4P0FqFUO1MyEu8jvn91Cd2uIzu-CnchUYoBwSU6tJmtTEDSqhCG_MPzl1Bfv13_E9NiqAJIUIm1nEw2ELqxGUJ0G3hW2-E-CHaMx3hlUXv8YeQIc9zDMDTw_NTRrJoJVbLv48a29KNVoY7zNd6lkho6SHDIL_82PgW5-YWH5m4_tL09QBpqOFiOCjTERssgB13wmMw5JripWXLzAcOrYI16zgF2UYAPIBq0kRV7tInCfSKb8XOefGpc5h-nMHZ5-HTXpKXYrF-Wdbosb-9NpMsrrIB7SdesOV3OKR9Q3oOPrZ3m9olAORXlo8SX85cjFRExHAvGUxtR82355Dqu-uzHzagutKzwKvIq14L2RxMFWLUQJ37TOQU4-rtn3ujkP3iULtJRNCLoq3iWyH796LxVb5TH_9WMY6LwYkREIdGPcPAhiVIcy7-mcmlrgMWUVJJgiAQLopCcCkXDbumEHgK-6_0o9ZsVKCe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
URN 200
OK uuid:e10ca115-d365-8df0-a504-8df0d365e10c Show response
/ Frame 0D83 104 KB
104 KB 0ms
0ms Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL

urn:uuid:e10ca115-d365-8df0-a504-8df0d365e10c

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

URN

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

75b293f934997ae32301e710fbe6be27fe8c12b807952fa76c39aa83a4d2b205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

X-Content-Type-Options: nosniff
content-type: text/html; charset=utf-8
x-content-type-options: nosniff

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 0D83 19 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Host: uuid
URL: urn:uuid:e10ca115-d365-8df0-a504-8df0d365e10c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 14:58:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 903
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 14:58:43 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 0D83 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: uuid
URL: urn:uuid:e10ca115-d365-8df0-a504-8df0d365e10c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 15:12:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D83 119 KB
37 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: uuid
URL: urn:uuid:e10ca115-d365-8df0-a504-8df0d365e10c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Nov 2021 15:13:46 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 0D83 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: uuid
URL: urn:uuid:e10ca115-d365-8df0-a504-8df0d365e10c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 14:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 14:53:20 GMT

GET
H2 200 cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/ Frame 755C 4 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.html

Requested by

Host: uuid
URL: urn:uuid:e10ca115-d365-8df0-a504-8df0d365e10c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b68ec6cb015714a5ba472ada3c173aa5c31a427739641b882a2fd96b7ab9896b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 1610
date: Fri, 12 Nov 2021 13:22:02 GMT
expires: Sat, 12 Nov 2022 13:22:02 GMT
last-modified: Sat, 06 Nov 2021 20:53:25 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 93104
alt-svc: clear

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0D83 0
0 51ms
51ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CI7i8KtaPYaLKAdy03gOJoa-gCYnowbtmutT2wZ8Oz7e-z4gKEAEg_N_oGWCVypmCrAegAcfE7PcDyAEJ4AIAqAMByAMIqgTiAU_QJxW7xR3Zz09nDQN47bYKdZtjpE8P92fPdXqsnFHwZPRq7GMdBfi45weiJVJUIiEH5l1FSAtyBdY3k7kRVyyVM5bvxjuSefB1Irk1V9SHWq6hQCcnOgRUqD2x8Uc0e7k5ZLI00o3b3Ua5AlEPeq5i57AqwQOtmtTb-VaOVoE32ptA3Y4KoHBCwSe4wyke680yg-q0I9XawqLjWKTPTnLbEKtcYsDtnvkHs_2pQ1iUC6g7a8jjF186DGuS0fTEGtqzPY7-L6ysZvjnd5DnSrguRIuWXjFRk9otTRJpanSAfaHABLDPn5_jA-AEAZIFBAgEGAGSBQQIBRgEoAYugAf_sLjdAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEJu8BdIICQiA4YAQEAEYHYAKA8gLAdgTCogUAdAVAYAXAbIXHgocCAASFHB1Yi0yMDQ5OTQ4MTgwMDc5MjY0GJyTDw&sigh=gFfYpALXBes&uach_m=[UACH]&template_id=419
Requested by: Host: uuid
URL: urn:uuid:e10ca115-d365-8df0-a504-8df0d365e10c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 186E 143 B
222 B 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: uuid
URL: urn:uuid:e10ca115-d365-8df0-a504-8df0d365e10c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 13 Nov 2021 14:43:12 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1834
alt-svc: clear

GET
DATA 200
OK truncated
/ Frame 0D83 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61de2c1b3920138f55245cdc7d1111c5bfc81a3cea2c8ab4916f46db6593dfa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 755C 9 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 14 Nov 2021 13:42:50 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 755C 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 00:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 14 Nov 2021 00:06:00 GMT

GET
H2 200 cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/ Frame 755C 7 KB
2 KB 10ms
9ms Stylesheet
text/css 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4cb91f22e324b0b58adfce621d3a7a52a4db55a2f9ac16a32dea238f71991de

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 402073
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1731
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 20:53:25 GMT
server: sffe
date: Mon, 08 Nov 2021 23:32:33 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 23:32:33 GMT

GET
H2 200 cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90_media_query.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/ Frame 755C 433 B
292 B 9ms
8ms Stylesheet
text/css 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90_media_query.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82a66857df1a6a343f72ea9e41b3dc46ff03ed8ecaa3f6c1e50f29c3b335339a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 402073
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 188
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 20:53:25 GMT
server: sffe
date: Mon, 08 Nov 2021 23:32:33 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 23:32:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 755C 10 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db5f411f7205ec2bbbc73f359461682f01f5dab26cebfa18c2c3cdebefa4d38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sat, 13 Nov 2021 14:09:03 GMT
server: ESF
date: Sat, 13 Nov 2021 15:13:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Nov 2021 15:13:46 GMT

GET
H2 200 cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_dell_logo_728x90.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/ Frame 755C 2 KB
2 KB 9ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_dell_logo_728x90.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d29f9bfa31123f6cd437f9f248afccc3794428f5a20ce80d0b93882f602dc84

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 92087
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2078
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 20:53:25 GMT
server: sffe
date: Fri, 12 Nov 2021 13:38:59 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Nov 2022 13:38:59 GMT

GET
H2 200 cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_funding_728x90.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/ Frame 755C 7 KB
7 KB 9ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_funding_728x90.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4895dfba35b64927c6341f5a657d8ed18257cf7acd3444bf45b45ea63603ad4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 402073
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 7603
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 20:53:25 GMT
server: sffe
date: Mon, 08 Nov 2021 23:32:33 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 23:32:33 GMT

GET
H2 200 cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_pro_f1_728x90.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/ Frame 755C 7 KB
7 KB 10ms
9ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_pro_f1_728x90.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0fc47a38e5c40073973ca37fdbc8b41475da45b0c3e184e054c36679dc218d6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 402073
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 6956
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 20:53:25 GMT
server: sffe
date: Mon, 08 Nov 2021 23:32:33 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 23:32:33 GMT

GET
H2 200 cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_img_f2_728x90.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/ Frame 755C 11 KB
11 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_img_f2_728x90.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f179f56e2112dfa1ef9eacd3ee654397ac38c25e8c26508abbe1d042d7fd5242

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 92320
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11447
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 20:53:25 GMT
server: sffe
date: Fri, 12 Nov 2021 13:35:06 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Nov 2022 13:35:06 GMT

GET
H2 200 cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_pro_f3_728x90.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/ Frame 755C 6 KB
6 KB 13ms
12ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_pro_f3_728x90.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3b601b279450f2250939c3aae6d24b2f06070ca96d734f178e563ef01dd561f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 402073
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 5859
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 20:53:25 GMT
server: sffe
date: Mon, 08 Nov 2021 23:32:33 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 23:32:33 GMT

GET
H2 200 cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_pro_f4_728x90.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/ Frame 755C 6 KB
6 KB 10ms
9ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_pro_f4_728x90.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d44320cfd4ced3d38015d560d5826c48dee1aae4f8555a0f266f8d3b313f4542

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 402073
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 6263
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 20:53:25 GMT
server: sffe
date: Mon, 08 Nov 2021 23:32:33 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 23:32:33 GMT

GET
H2 200 cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_viof5_728x90.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/ Frame 755C 1 KB
1 KB 13ms
13ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_viof5_728x90.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

345512a51cb823e2fb0b081f3e1e7ca5b1001150f54dd34c928c842e5f14271a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 402073
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1120
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 20:53:25 GMT
server: sffe
date: Mon, 08 Nov 2021 23:32:33 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 23:32:33 GMT

GET
H2 200 cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_pro_f5_728x90.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/ Frame 755C 57 KB
57 KB 14ms
13ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_pro_f5_728x90.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fbca99ceacc1837450eb17c46332320c6a4d5bdf0aebab92266ad089be1e9b9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 124241
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 58305
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 20:53:25 GMT
server: sffe
date: Fri, 12 Nov 2021 04:43:05 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Nov 2022 04:43:05 GMT

GET
H2 200 tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 755C 105 KB
35 KB 42ms
14ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 35824
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:01:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Nov 2021 15:13:46 GMT

GET
H2 200 cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/ Frame 755C 3 KB
919 B 7ms
7ms Script
application/x-javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

806c92314249d7a94bcb05048035229bb420328af96c946d92cda9a8f2558931

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 125976
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 804
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 20:53:25 GMT
server: sffe
date: Fri, 12 Nov 2021 04:14:10 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Nov 2022 04:14:10 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 186E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
166 B

63ms
63ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: uuid
URL: urn:uuid:e10ca115-d365-8df0-a504-8df0d365e10c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 13 Nov 2021 15:13:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: clear
expires: Sat, 13 Nov 2021 15:13:46 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 13 Nov 2021 15:13:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: clear

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 755C 15 KB
16 KB 36ms
11ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:36:17 GMT
x-content-type-options: nosniff
age: 164249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 17:36:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 755C 15 KB
16 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 05:32:01 GMT
x-content-type-options: nosniff
age: 380505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Nov 2022 05:32:01 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0D83 42 B
174 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuub9j3x2XM-nU8zaAxohFQ7DTvrm38NY5-Dlel7-4Imvq2Z49VrJebmHgeQSkROiJpmm17RBfCCQz3HH2LEIMgVXkQ_PsuXR_TY7HfM3teRxZWbqXuYw&sai=AMfl-YTYOmC4pbwGkwuQpm2IoPFQktPXoKA67IrM9HqNvJ4Gk7PJ9g-FAmFoVi4NPtWGT_tJHxC_WcaD_9ctPCt6eXkwMvKo8xXhHQ-z69Oi3a8pVsttXjKS5-Ejt90&sig=Cg0ArKJSzHAd-b5KuK6iEAE&cid=CAASF-Ro1qfL0-aFCa1wXFOsUjhiBxWsjoqc&id=lidar2&mcvt=1000&p=111,436,201,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3875506806&rs=4&la=0&cr=0&vs=4&r=v&rst=1636816426370&rpt=104&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 57ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/archiveis.js?1636816200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:48 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 03:25:58 GMT
server: nginx
etag: W/"6178c6c6-14b2b"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 14 Nov 2021 15:13:48 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A346 11 KB
5 KB 44ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=archive.md

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1540
date: Sat, 13 Nov 2021 15:13:47 GMT
content-length: 4683

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 45ms
20ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:48 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 03:25:58 GMT
server: nginx
etag: W/"6178c6c6-14b2b"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 14 Nov 2021 15:13:48 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame A346
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=archive.md&sn=ChromeSyncframe&so=0&topUrl=archive.md&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=Hbcs7Hw3cFpJanUvOWczWUc4RDNIcm4wbFRFSGRrZzR6U1gxRi8rQzh6ZXJjVUtZV1d3bUdVakNhVGRqNUJKMEZMREllRGZ6TEZqaXVoMlRjdXJjak5nOS9CbXg3MjBtNXdMZmJuMXNnaUh6cGVpanIwdTk5dHVJZDVibF...

439 B
624 B

47ms
14ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Hbcs7Hw3cFpJanUvOWczWUc4RDNIcm4wbFRFSGRrZzR6U1gxRi8rQzh6ZXJjVUtZV1d3bUdVakNhVGRqNUJKMEZMREllRGZ6TEZqaXVoMlRjdXJjak5nOS9CbXg3MjBtNXdMZmJuMXNnaUh6cGVpanIwdTk5dHVJZDVibFl5OHVqUDJYR0E1MXdleEhpOWIxWUljZWcyaWcwenRkZFBUQTlFdlFLY2szU3RhTzJoZlNMcVpGVXhvMFJjUTR1cjQyMnVJVW8rZzhuamtaUmZ2ZGRjcnlyYlVZMGZZUjRBWHJSd2IybitNT1VjNWViV2lIblpBeUZtYklMc1pYZU93VExCKzFzcVJlMHAvUFdSZ2dncjhRSVpnMnUxQT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f4425e13adb55e5f2d0327833fa4c3a8222c40abce62c293b1e73f13da5f74ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 13 Nov 2021 15:13:47 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2228
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 13 Nov 2021 15:13:48 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=Hbcs7Hw3cFpJanUvOWczWUc4RDNIcm4wbFRFSGRrZzR6U1gxRi8rQzh6ZXJjVUtZV1d3bUdVakNhVGRqNUJKMEZMREllRGZ6TEZqaXVoMlRjdXJjak5nOS9CbXg3MjBtNXdMZmJuMXNnaUh6cGVpanIwdTk5dHVJZDVibFl5OHVqUDJYR0E1MXdleEhpOWIxWUljZWcyaWcwenRkZFBUQTlFdlFLY2szU3RhTzJoZlNMcVpGVXhvMFJjUTR1cjQyMnVJVW8rZzhuamtaUmZ2ZGRjcnlyYlVZMGZZUjRBWHJSd2IybitNT1VjNWViV2lIblpBeUZtYklMc1pYZU93VExCKzFzcVJlMHAvUFdSZ2dncjhRSVpnMnUxQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1495
content-length: 541
expires: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame C50B 2 KB
823 B 19ms
19ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1636816425914

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/archiveis.js?1636816200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame CEA9 8 KB
4 KB 46ms
11ms Document
text/html 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/archiveis.js?1636816200000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31d5648df5eebdf3d492b355285870ced53b93143889c04edf9deb94357dd6e6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/

Response headers

cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Mon, 08 Nov 2021 19:40:02 GMT
accept-ranges: bytes
etag: "1484c6be7981ef2d93457ae1b8222f04"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: XJpVPu2BXSnU5zVByYTviEMn6sLZffgbZzlV3WB0OjHU6nX8XKj/Y1MwMMdlVT7rlaf3Tx54t3I=
x-amz-request-id: 548FCWFADJF5CKQT
x-amz-meta-codebuild-content-sha256: 62eaff6ee8ff549c0050f611ee47c040b5383016dfbf921a2d194f6354569f2b
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:d8405d4a-5b5c-467c-aa1e-ad154dcb077c
x-amz-meta-codebuild-content-md5: 81217ffa8e68730be30130a20e0871d1
x-azure-ref-originshield: 05pCPYQAAAACqT6iLj6j7RIXg5Ahe+gS7QU1TMDRFREdFMTkxMAA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0LdaPYQAAAACAmAOpPEY9T4oGQLJI3akpRlJBRURHRTEwMTUAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date: Sat, 13 Nov 2021 15:13:48 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame C22F 22 KB
8 KB 59ms
28ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2011%2C3022%2C3020%2C2030%2C273%2C251%2C175%2C2009%2C255%2C178%2C3018%2C2028%2C3017%2C2027%2C236%2C214%2C237%2C2025%2C3014%2C117%2C70%2C97%2C99%2C77%2C38%2C3012%2C3011%2C3010%2C182%2C261%2C141%2C222%2C3007%2C201%2C4%2C301%2C246%2C225%2C203%2C80%2C10000%2C9%2C108&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/archiveis.js?1636816200000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9eefee4260649b015cb80f0cb6ce80533c2168ac20e9d7433a5d0d5a906e11ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Mon, 15 Nov 2021 15:13:49 GMT
date: Sat, 13 Nov 2021 15:13:49 GMT
content-length: 8177

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame E1F8 14 KB
5 KB 38ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/archiveis.js?1636816200000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=28402
expires: Sat, 13 Nov 2021 23:07:11 GMT
date: Sat, 13 Nov 2021 15:13:49 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5138 52 KB
17 KB 40ms
14ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/archiveis.js?1636816200000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sun, 14 Nov 2021 15:13:51 GMT
Date: Sat, 13 Nov 2021 15:13:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ 0
52 B 24ms
19ms Image
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame E1F8 2 KB
3 KB 64ms
17ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4400470&p=161102&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: b1778f51974be001b5d3c1117902e64a56ee0ad3c11b7e46b41c65fc1f792f27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:48 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame EB51 4 KB
2 KB 99ms
32ms Document
text/html 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1367df90ed5bb6e37690dad4c0f1d7ff31b124868686de880fae0604ad9c0e7a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
etag: W/"043f3ce49bb54b2afdf2869770c4c6b91"
timing-allow-origin: *
content-encoding: gzip

GET
H2 204 ps
pixel.33across.com/ Frame 7188 0
0 328ms
108ms Document
text/plain 67.202.105.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-105.static.steadfastdns.net
Software: 33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/

Response headers

x-33x-status: 2000208
server: 33XP002
date: Sat, 13 Nov 2021 15:13:48 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 7A7B 2 KB
823 B 20ms
20ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame CDF6 589 B
838 B 55ms
16ms Document
text/html 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e6a8a17e57bb34e20a24d329f691fc8218628351cc56ba07a618b1afc5eebef7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/

Response headers

date: Sat, 13 Nov 2021 15:13:48 GMT
content-type: text/html
content-length: 589

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame D831
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

2 KB
3 KB

22ms
21ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6229a2b2a747f1254084c466bc3173c5612e4a1922baac912fdfea01a6448448

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|241|45|230|3|4|191|176
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1628
Expires: Sat, 13 Nov 2021 15:13:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 13 Nov 2021 15:13:49 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sat, 13 Nov 2021 15:13:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 13 Nov 2021 15:13:49 GMT
Connection: keep-alive

GET

sync
ads.servenobid.com/ Frame CEA9
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
https://ads.servenobid.com/sync?pid=312&uid=4876386925082413748

0
0

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame CEA9
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1

0
433 B

14ms
14ms

Image
text/plain

216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 15:13:49 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 15:13:49 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame CEA9
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://ads.servenobid.com/sync?pid=321&uid=OPTOUT

0
336 B

32ms
32ms

Image
image/avif

52.211.147.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.211.147.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-147-79.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H2 200 101954
jadserve.postrelease.com/suid/ Frame CEA9 43 B
428 B 286ms
91ms Image
image/gif 35.153.224.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.153.224.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-153-224-87.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame CEA9
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5134455419440117170

0
344 B

32ms
32ms

Image
image/avif

52.211.147.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5134455419440117170
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.211.147.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-147-79.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5134455419440117170
Date: Sat, 13 Nov 2021 15:13:49 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame CEA9 0
474 B 63ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 15:13:49 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame CEA9
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=e5db435e-d7ea-4031-8c43-20950b5a39b2&gdpr=0&gdpr_consent=&us_privacy=1YN-

0
356 B

32ms
32ms

Image
image/avif

52.211.147.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=e5db435e-d7ea-4031-8c43-20950b5a39b2&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.211.147.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-147-79.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=e5db435e-d7ea-4031-8c43-20950b5a39b2&gdpr=0&gdpr_consent=&us_privacy=1YN-
date: Sat, 13 Nov 2021 15:13:48 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame CEA9
Redirect Chain

https://t.adx.opera.com/pub/sync?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D335%26uid%3D
https://ups.analytics.yahoo.com/ups/58484/occ
https://ups.analytics.yahoo.com/ups/58484/occ?verify=true
https://t.adx.opera.com/sync?vendor=60112&uid=y-47i.JeZE2uH_dEiyn_629ZwyGClr3MMHyCPyNlw-~A
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60124%26uid%3D$UID
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60124%26uid%3D%24UID
https://t.adx.opera.com/sync?vendor=60124&uid=11033256105798418974
https://sync.aralego.com/idSync?ucf_nid=par-627D96DE43D94E241EAD99688E72B636&ucf_user_id=585215a4adb0201e&redirect=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fuid%3DUCFUID%26vendor%3D60114
https://t.adx.opera.com/sync?uid=UCFUID&vendor=60114
https://ads.servenobid.com/sync?operaUid=5908fc0bf2a34138ba3e51aa2ffe66b2&pid=335&uid=

0
353 B

32ms
32ms

Image
image/avif

52.211.147.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?operaUid=5908fc0bf2a34138ba3e51aa2ffe66b2&pid=335&uid=
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.211.147.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-147-79.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:50 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:50 GMT
server: Tengine
access-control-allow-origin: *
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
location: https://ads.servenobid.com/sync?operaUid=5908fc0bf2a34138ba3e51aa2ffe66b2&pid=335&uid=
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 117
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 5138
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
805 B

49ms
49ms

Script
text/html

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 15:13:49 GMT
X-Proxy-Origin: 91.199.118.155; 91.199.118.155; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 212d13b5-cd40-4600-a3e2-eba2b9732b90
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 15:13:49 GMT
X-Proxy-Origin: 91.199.118.155; 91.199.118.155; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e2ec2a18-8eb5-4df0-8cd5-70144e4b889a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
ads.servenobid.com/ Frame CDF6 0
343 B 34ms
32ms Image
image/avif 52.211.147.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=791666441177780617&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.147.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-147-79.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame CDF6
Redirect Chain

https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=OPTOUT

43 B
163 B

71ms
18ms

Image
image/gif

185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=OPTOUT
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:48 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=OPTOUT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame CDF6
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7030073032116140187&gdpr=0&gdpr_consent=

43 B
408 B

33ms
16ms

Image
image/gif

185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7030073032116140187&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:48 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location: https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7030073032116140187&gdpr=0&gdpr_consent=
Date: Sat, 13 Nov 2021 15:13:49 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame CDF6
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5764881899331980873&gdpr=0&gdpr_consent=

43 B
431 B

17ms
16ms

Image
image/gif

185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5764881899331980873&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:48 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
server: nginx
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5764881899331980873&gdpr=0&gdpr_consent=
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame CDF6
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=9e576311-9bab-4a9e-ab48-8350f2942be0&gdpr=0&gdpr_consent=

43 B
471 B

238ms
238ms

Image
image/gif

185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=9e576311-9bab-4a9e-ab48-8350f2942be0&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
server: Apache-Coyote/1.1
location: https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=9e576311-9bab-4a9e-ab48-8350f2942be0&gdpr=0&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 57A0
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=F854D849-B6F0-4DE3-9293-F49797D0980A
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F854D849-B6F0-4DE3-9293-F49797D0980A

35 B
476 B

27ms
15ms

Document
image/gif

37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F854D849-B6F0-4DE3-9293-F49797D0980A

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 13 Nov 2021 15:13:49 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Sat, 13 Nov 2021 15:13:49 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F854D849-B6F0-4DE3-9293-F49797D0980A
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 823B
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5298848956256377212

42 B
366 B

13ms
12ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5298848956256377212
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 13 Nov 2021 15:13:47 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug005:0:361
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5298848956256377212
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8616
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
342 B

68ms
16ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 13 Nov 2021 15:13:49 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug006:0:395
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

date: Sat, 13 Nov 2021 15:13:49 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
expires: Sat, 13 Nov 2021 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3534502

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E1F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-FTYSbbwTeOSk_SXl9CYCg%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

13ms
7ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=28402
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Sat, 13 Nov 2021 23:07:11 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame E1F8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cc3d618f-d62c-4200-a8f0-c0d3eb13ec1c

0
128 B

46ms
13ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cc3d618f-d62c-4200-a8f0-c0d3eb13ec1c
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:48 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 13 Nov 2021 15:13:49 GMT
Server: MT3 4103 f8fad19 master zrh-pixel-x28 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cc3d618f-d62c-4200-a8f0-c0d3eb13ec1c
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 13 Nov 2021 15:13:48 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E1F8
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=F854D849-B6F0-4DE3-9293-F49797D0980A
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=865a12592e1edabab7ede6f59971c427
https://spl.zeotap.com/?zdid=1332&zcluid=680c7375d4671c7b
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5d909844-73c2-4691-7e88-9eb356a11056&reqId=da1c4c71-a240-46bc-5ed2-f5448b94b9e0&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEHBsmgTiWXmcGzOKCIRzJVY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5d909844-73c2-4691-7e88-9eb356a11056&reqId=da1c4c71-a240-46bc-5ed2-f54...

95 B
164 B

20ms
19ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEHBsmgTiWXmcGzOKCIRzJVY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5d909844-73c2-4691-7e88-9eb356a11056&reqId=da1c4c71-a240-46bc-5ed2-f5448b94b9e0&zcluid=680c7375d4671c7b&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6ad8f23c4c4a4e86-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEHBsmgTiWXmcGzOKCIRzJVY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5d909844-73c2-4691-7e88-9eb356a11056&reqId=da1c4c71-a240-46bc-5ed2-f5448b94b9e0&zcluid=680c7375d4671c7b&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame E1F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjg1NEQ4NDktQjZGMC00REUzLTkyOTMtRjQ5Nzk3RDA5ODBB&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
187 B

20ms
12ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:48 GMT
cache-control: no-store, no-cache, private
x-lat: amspug001:0:468
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame E1F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM2Hq6p07DDZckwEwe0QerA&google_cver=1

42 B
360 B

19ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM2Hq6p07DDZckwEwe0QerA&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:48 GMT
cache-control: no-store, no-cache, private
x-lat: amspug012:0:604
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM2Hq6p07DDZckwEwe0QerA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame E1F8 43 B
616 B 72ms
15ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 12 Nov 2021 15:13:49 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame E1F8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7787618f-d62c-4100-93b9-baf573fa22e1&gdpr=0&gdpr_consent=

42 B
420 B

72ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7787618f-d62c-4100-93b9-baf573fa22e1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:417
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 13 Nov 2021 15:13:49 GMT
Server: MT3 4103 f8fad19 master zrh-pixel-x9 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7787618f-d62c-4100-93b9-baf573fa22e1&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 13 Nov 2021 15:13:48 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame E1F8
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2675393310278944215

42 B
233 B

19ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2675393310278944215
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug011:0:367
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2675393310278944215
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame E1F8
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=bc278112-f222-45ba-9a4a-207e71f23e0a

42 B
291 B

19ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=bc278112-f222-45ba-9a4a-207e71f23e0a
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:497
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=bc278112-f222-45ba-9a4a-207e71f23e0a
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame E1F8
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4876386925082413748&gdpr=0&gdpr_consent=

42 B
520 B

51ms
12ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4876386925082413748&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 14:31:51 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0022:0:446
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 15:13:49 GMT
X-Proxy-Origin: 91.199.118.155; 91.199.118.155; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 309f4f16-ae05-4ea2-94d0-726a606db8d4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4876386925082413748&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame E1F8
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F854D849-B6F0-4DE3-9293-F49797D0980A&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F854D849-B6F0-4DE3-9293-F49797D0980A&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-C1u3g7tE2uUpyK6NL1A_XX1x31iyefM-~A&gdpr=0&gdpr_consent=

0
260 B

70ms
13ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-C1u3g7tE2uUpyK6NL1A_XX1x31iyefM-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:47 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-C1u3g7tE2uUpyK6NL1A_XX1x31iyefM-~A&gdpr=0&gdpr_consent=
date: Sat, 13 Nov 2021 15:13:49 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame D831 70 B
265 B 108ms
27ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame D831
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY_WLY1H7VmFwmavD_OjgQAABIMAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY_WLY1H7VmFwmavD_OjgQAABIMAAAAB&dcc=t

43 B
645 B

106ms
105ms

Image
image/gif

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY_WLY1H7VmFwmavD_OjgQAABIMAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

HTTP/1.1

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 15:13:49 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NRC417YY9HFHD081FH8J
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 15:13:49 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GH88Q5A0Q71TW76S73Z3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY_WLY1H7VmFwmavD_OjgQAABIMAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D831
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YY-WLY1H7VmFwmavD-OjgQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKLxqrKxRKgXPvxZcngxtvs&google_cver=1&gdpr=1

43 B
1000 B

32ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKLxqrKxRKgXPvxZcngxtvs&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 15:13:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Nov 2021 15:13:49 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKLxqrKxRKgXPvxZcngxtvs&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame D831
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YY_WLY1H7VmFwmavD_OjgQAABIMAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI2DNug3UCEzFw_-k7qqDaY&google_cver=1

43 B
315 B

15ms
11ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI2DNug3UCEzFw_-k7qqDaY&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 15:13:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 13 Nov 2021 15:13:49 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI2DNug3UCEzFw_-k7qqDaY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D831
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9fd7618f-d62c-4200-bf98-338bc4901456&gdpr=1&gdpr_consent=

43 B
1009 B

16ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9fd7618f-d62c-4200-bf98-338bc4901456&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 15:13:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Nov 2021 15:13:49 GMT

Redirect headers

Date: Sat, 13 Nov 2021 15:13:49 GMT
Server: MT3 4103 f8fad19 master zrh-pixel-x31 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9fd7618f-d62c-4200-bf98-338bc4901456&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 13 Nov 2021 15:13:48 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D831
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2986191211660045799

43 B
992 B

33ms
20ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2986191211660045799
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 15:13:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Nov 2021 15:13:49 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2986191211660045799
pragma: no-cache
date: Sat, 13 Nov 2021 15:13:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET index
dmp.brand-display.com/cm/api/ Frame D831 0
0

GET
H2 200 113
match.deepintent.com/usersync/ Frame D831 0
44 B 280ms
92ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:48 GMT
content-length: 0
server: b

GET
H2 200 sync
ads.servenobid.com/ Frame D831 0
357 B 34ms
32ms Image
image/avif 52.211.147.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=YY_WLY1H7VmFwmavD_OjgQAABIMAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.147.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-147-79.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame EB51
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=8853291561707285166

35 B
237 B

60ms
57ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=8853291561707285166
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 15:13:49 GMT
X-Proxy-Origin: 91.199.118.155; 91.199.118.155; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 45e60096-22c5-4be1-8468-bf38e2d21ec1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=8853291561707285166
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame EB51
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_2303c004-94ba-4102-a062-052a262a8952&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_2303c004-94ba-4102-a062-052a262a8952&gdpr=0&gdpr_consent=&us_privacy=1---
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
https://x.bidswitch.net/sync?dsp_id=59&user_id=6366cde9-183f-4834-a054-7f940af52a1a&ssp=gumgum2
https://rtb.gumgum.com/usersync?b=bsw&i=6561a5d6-93f6-41fc-83ce-f90baf8695da

35 B
237 B

38ms
38ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=bsw&i=6561a5d6-93f6-41fc-83ce-f90baf8695da
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: //rtb.gumgum.com/usersync?b=bsw&i=6561a5d6-93f6-41fc-83ce-f90baf8695da
Date: Sat, 13 Nov 2021 15:13:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame EB51
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=sta&i=0-4400c6f5-98f5-4f51-523b-94afd25eaefb$ip$91.199.118.155

35 B
237 B

41ms
40ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sta&i=0-4400c6f5-98f5-4f51-523b-94afd25eaefb$ip$91.199.118.155
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=sta&i=0-4400c6f5-98f5-4f51-523b-94afd25eaefb$ip$91.199.118.155
Date: Sat, 13 Nov 2021 15:13:49 GMT
Connection: keep-alive
Content-Length: 123
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame EB51
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_2303c004-94ba-4102-a062-052a262a8952&gdpr=0&gdpr_consent=&us_privacy=1---
https://stags.bluekai.com/site/23178?id=Nw_ZXo5LWvJ7E3hzgFym&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2TTXL5NFQ3ZVJRLXMSRXIUZWQ6THIZ4W2JTVONPXA...
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=Nw_ZXo5LWvJ7E3hzgFym&us_privacy=1---

35 B
237 B

39ms
38ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=Nw_ZXo5LWvJ7E3hzgFym&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 15:13:49 GMT
P3p: CP="We do not support P3P header."
Location: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=Nw_ZXo5LWvJ7E3hzgFym&us_privacy=1---
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 118
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame EB51
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT

35 B
237 B

41ms
38ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame EB51
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=jA1WDOxurt0E&ev=1&pid=558355

35 B
237 B

39ms
38ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=jA1WDOxurt0E&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
location: https://rtb.gumgum.com/usersync?b=pln&i=jA1WDOxurt0E&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-544c4f9c45-m8dsb
expires: -1

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame EB51
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28mNrj_L5C4aqqvedIvQapPEo9affX5CHokh-glClEyD0uFz78mgRFienwyLit3UJu%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_2303c004-94ba-4102-a062-052a262a8952&obuid=ENC(mNrj_L5C4aqqvedIvQapPEo9affX5CHokh-glClEyD0uFz78mgRFienwyLit3UJu)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=mNrj_L5C4aqqvedIvQapPEo9affX5CHokh-glClEyD0uFz78mgRFienwyLit3UJu
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=8853291561707285166&obUid=mNrj_L5C4aqqvedIvQapPEo9affX5CHokh-glClEyD0uFz78mgRFienwyLit3UJu

0
291 B

100ms
100ms

Image
text/plain

70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=8853291561707285166&obUid=mNrj_L5C4aqqvedIvQapPEo9affX5CHokh-glClEyD0uFz78mgRFienwyLit3UJu
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 15:13:50 GMT
Cache-Control: no-cache
X-TraceId: e55708d08572defb09e14f5052e36dd5
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 15:13:50 GMT
X-Proxy-Origin: 91.199.118.155; 91.199.118.155; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 20a73739-91e0-4134-b5be-2b113fa49db5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=8853291561707285166&obUid=mNrj_L5C4aqqvedIvQapPEo9affX5CHokh-glClEyD0uFz78mgRFienwyLit3UJu
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame EB51
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=1ed54fad-da89-4995-b0a4-b928818ea89f

35 B
237 B

38ms
38ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=1ed54fad-da89-4995-b0a4-b928818ea89f
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sat, 13 Nov 2021 15:13:49 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=1ed54fad-da89-4995-b0a4-b928818ea89f
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H2

200

usersync
rtb.gumgum.com/ Frame EB51
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-_9O5FRlE2pe8mgoDYPzdB_rImeB5lENhFyC3~A

35 B
237 B

38ms
38ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-_9O5FRlE2pe8mgoDYPzdB_rImeB5lENhFyC3~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sat, 13 Nov 2021 15:13:49 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-_9O5FRlE2pe8mgoDYPzdB_rImeB5lENhFyC3~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame EB51
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
https://rtb.gumgum.com/usersync?b=vnt&i=4df47ead-4494-11ec-a962-b5def777d2db

35 B
237 B

40ms
39ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=4df47ead-4494-11ec-a962-b5def777d2db
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=4df47ead-4494-11ec-a962-b5def777d2db
Date: Sat, 13 Nov 2021 15:13:49 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 4df47eae-4494-11ec-a962-b5def777d2db

GET
H2 204 services
sync.technoratimedia.com/ Frame EB51 0
293 B 307ms
96ms Image
text/plain 193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 108614600
access-control-allow-origin: https://g2.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame EB51 0
16 B 113ms
92ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:48 GMT
content-length: 0
server: b

GET
H2

200

usersync
rtb.gumgum.com/ Frame EB51
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=98b4ded4-12af-46ea-8c6c-ca8803389735

35 B
237 B

39ms
39ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=98b4ded4-12af-46ea-8c6c-ca8803389735
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 15:13:49 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=98b4ded4-12af-46ea-8c6c-ca8803389735
date: Sat, 13 Nov 2021 15:13:49 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame EB51 0
75 B 16ms
16ms Image
text/plain 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:48 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame EB51 0
357 B 44ms
31ms Image
image/avif 52.211.147.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_2303c004-94ba-4102-a062-052a262a8952
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.147.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-147-79.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3E33 14 KB
5 KB 18ms
6ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=28402
expires: Sat, 13 Nov 2021 23:07:11 GMT
date: Sat, 13 Nov 2021 15:13:49 GMT
vary: Accept-Encoding

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 9E94
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=ttd&i=bc278112-f222-45ba-9a4a-207e71f23e0a&t=1639408429

35 B
237 B

38ms
38ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=ttd&i=bc278112-f222-45ba-9a4a-207e71f23e0a&t=1639408429
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Sat, 13 Nov 2021 15:13:49 GMT
content-type: text/html
content-length: 209
location: https://rtb.gumgum.com/usersync?b=ttd&i=bc278112-f222-45ba-9a4a-207e71f23e0a&t=1639408429
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame DA52
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

29ms
6ms

Document
text/html

23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Nov 2021 15:13:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=gumgum
Date: Sat, 13 Nov 2021 15:13:49 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame D258
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=cc3d618f-d62c-4200-a8f0-c0d3eb13ec1c&gdpr=0&gdpr_consent=

35 B
237 B

41ms
39ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=cc3d618f-d62c-4200-a8f0-c0d3eb13ec1c&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sat, 13 Nov 2021 15:13:49 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4103 f8fad19 master zrh-pixel-x28 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://rtb.gumgum.com/usersync?b=mmh&i=cc3d618f-d62c-4200-a8f0-c0d3eb13ec1c&gdpr=0&gdpr_consent=
Expires: Sat, 13 Nov 2021 15:13:48 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 5748
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YY-WLQAAAPUhkwBG
https://rtb.gumgum.com/usersync?b=atm&i=YY-WLQAAAPUhkwBG&gdpr=0&gdpr_consent=&_test=YY-WLQAAAPUhkwBG

35 B
237 B

38ms
38ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YY-WLQAAAPUhkwBG&gdpr=0&gdpr_consent=&_test=YY-WLQAAAPUhkwBG
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YY-WLQAAAPUhkwBG&gdpr=0&gdpr_consent=&_test=YY-WLQAAAPUhkwBG
accept-ranges: bytes
date: Sat, 13 Nov 2021 15:13:49 GMT
via: 1.1 varnish
x-served-by: cache-fra19156-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1636816429.344465,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ Frame C89E 170 B
243 B 27ms
20ms Document
image/png 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yMzAzYzAwNC05NGJhLTQxMDItYTA2Mi0wNTJhMjYyYTg5NTI=&gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

content-type: image/png
date: Sat, 13 Nov 2021 15:13:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: clear

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame FE24 0
0 381ms
149ms Document
text/plain 208.100.17.175
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.175 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip175.208-100-17.static.steadfastdns.net
Software: 33XP005 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

x-33x-status: 2000208
server: 33XP005
date: Sat, 13 Nov 2021 15:13:49 GMT

GET
H2 204 um
cs.emxdgt.com/ Frame CE28 0
0 71ms
8ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

content-type: text/html
date: Sat, 13 Nov 2021 15:13:48 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame F7F9
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YY-WLcCo5tEAAEHGDBkAAAAA

35 B
237 B

43ms
38ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YY-WLcCo5tEAAEHGDBkAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Sat, 13 Nov 2021 15:13:50 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Sat, 13 Nov 2021 15:13:49 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YY-WLcCo5tEAAEHGDBkAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 31
X-SO-HostName: a-ad40242.dc2p.scaleout.jp
X-SO-LB-Hostname: a-tgng40013.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":18,"gdpr":true,"ipv4":"0.0.0.0","key":"YY-WLcCo5tEAAEHGDBkAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40242"}
X-SO-Key: YY-WLcCo5tEAAEHGDBkAAAAA
X-SO-IP: 91.199.118.155
X-SO-Cluster-ID: 18
X-SO-Upstream-ID: a-ad40242

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 06E3
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=5134455419440117170

35 B
237 B

88ms
87ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=5134455419440117170
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sat, 13 Nov 2021 15:13:49 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://rtb.gumgum.com/usersync?b=zet&i=5134455419440117170
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 6228
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=cPaP6dDmYorXe0yQTDNh&pi=gumgum&tc=1

35 B
237 B

46ms
45ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=cPaP6dDmYorXe0yQTDNh&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Sat, 13 Nov 2021 15:13:49 GMT Sat, 13 Nov 2021 15:13:49 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=cPaP6dDmYorXe0yQTDNh&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DA52 32 KB
10 KB 8ms
8ms Script
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 15:13:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=23788
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9510
Expires: Sat, 13 Nov 2021 21:50:17 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame DA52 284 B
536 B 364ms
91ms Image
image/jpg 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: d5a7ef20801cf5cb1ee516b6110e672f
Content-Type: image/jpg

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5138 0
733 B 21ms
20ms Script
text/html 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 15:13:50 GMT
X-Proxy-Origin: 91.199.118.155; 91.199.118.155; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0d54435d-ccb7-47f3-824d-7da65e7606d2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame E1F8 0
128 B 14ms
12ms Script
text/plain 198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=161102&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:13:49 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 91.199.118.155.de.pin6.295673402.pixel.archive.md
URL: https://91.199.118.155.de.pin6.295673402.pixel.archive.md/x.gif

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/sync?pid=312&uid=4876386925082413748

Domain: dmp.brand-display.com
URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

89 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
archive.md/	1970-01-19 22:40:23	Name: _ga Value: GA1.2.661111166.1636816425
.archive.md/	1970-01-20 06:39:47	Name: tmr_lvid Value: db66c86bd25453336456ea90d4c49147
.archive.md/	1970-01-20 06:39:47	Name: tmr_lvidTS Value: 1636816425532
.archive.md/	1970-01-20 06:39:47	Name: tmr_reqNum Value: 2
.mail.ru/	1970-01-20 07:27:18	Name: VID Value: 2gO1bZ37Pao600000X12H426:::0-0-0-6aa2ee9:CAASENmpCGvaf8boyYIr31UjUs0aYP4iuh3-HUgjGs0HuneR-K118UGvyuK5jovTOyhAESlzq_WK09a1ls2IRNxlfw0_-65ogavjBoHThm6BKQH7J_6q2UeYjCtrXpUy-fUicJeeHTshxjTOzNWiERvpk29viw
.doubleclick.net/	1970-01-20 08:01:52	Name: IDE Value: AHWqTUnX0XpaFKGWLztt0Du7k6NZnbLexdcDeukZp1iPSLFQgC7SkYbYiWmnEnvzqvY
.archive.md/	1970-01-20 08:01:52	Name: __gads Value: ID=780c75fe31724fd1:T=1636816425:S=ALNI_MbfbXGi_O31tFPJaaWaihXYF2w9zA
.doubleclick.net/	1970-01-19 22:40:20	Name: DSID Value: NO_DATA
archive.md/	1970-01-19 22:41:42	Name: tmr_detect Value: 0%7C1636816427910
.criteo.com/	1970-01-20 08:01:52	Name: uid Value: 34f94b58-a25c-4f3e-8456-e317e8778a70
.archive.md/	1970-01-20 08:01:52	Name: cto_bundle Value: XQCTuV80MiUyQlVPM2dMeGNWemt5M1ZCZVlJdEx6NjlrdjdQVyUyQm53clJjQklNM0tuODVIRE9pZzBsM1VWZlVLJTJCWjNZTTk2b1h0ZEttMlVwJTJGeHBtSzR6TyUyRkdoRjc2VDNoYmhFcjNya1lRNnAxVDJBNDhFM2UlMkJ1YTczOFE0TDBEMlJzQkJkc3lnbTJvdzFDaTRqNiUyQmNYWFc5anFFQSUzRCUzRA
.ads.pubmatic.com/	1970-01-19 22:41:42	Name: KCCH Value: YES
.casalemedia.com/	1970-01-20 07:25:52	Name: CMID Value: YY-WLY1H7VmFwmavD-OjgQAA
.casalemedia.com/	1970-01-20 00:49:52	Name: CMPS Value: 3165
.lijit.com/	1970-01-20 07:25:52	Name: ljt_reader Value: 0874a6b8c905f6beb78f7536
.smartadserver.com/	1970-01-20 08:10:30	Name: pid Value: 791666441177780617
.adx.opera.com/	1970-01-19 23:23:28	Name: UID Value: 5908fc0bf2a34138ba3e51aa2ffe66b2
.adx.opera.com/	1970-01-19 23:23:28	Name: oads_scb Value: aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9vcGVyYVVpZD01OTA4ZmMwYmYyYTM0MTM4YmEzZTUxYWEyZmZlNjZiMiZwaWQ9MzM1JnVpZD0%3D
.pubmatic.com/	1970-01-20 00:49:52	Name: KADUSERCOOKIE Value: F854D849-B6F0-4DE3-9293-F49797D0980A
.pubmatic.com/	1970-01-20 00:49:52	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-19 22:41:42	Name: pi Value: 161102:2
.pubmatic.com/	1970-01-20 00:49:52	Name: DPSync3 Value: 1637971200%3A219_201_197%7C1636848000%3A174
.pubmatic.com/	1970-01-20 00:49:52	Name: SyncRTB3 Value: 1637971200%3A21_7_161_56_3_220_13_54%7C1637366400%3A223%7C1638057600%3A35
.rfihub.com/	1970-01-20 08:01:52	Name: rud Value: H4sIAAAAAAAAAOMSNjU0NjExNTUxtDQxMTA0NDc0NxDiM9QtjcopcM4wys7LSPWT4jU0MzazMDQzMbI0NDIBAI2WRbY0AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0NjExNTUxtDQxMTA0NDc0NxDiM9QtjcopcM4wys7LSPUDAJBFazwlAAAA
.casalemedia.com/	1970-01-20 00:49:52	Name: CMPRO Value: 1155
.casalemedia.com/	1970-01-19 22:41:42	Name: CMST Value: YY-WLWGP1i0A
.servenobid.com/	1970-01-19 22:50:21	Name: pid_321 Value: OPTOUT
.gumgum.com/	1970-01-20 07:25:52	Name: vst Value: e_2303c004-94ba-4102-a062-052a262a8952
.servenobid.com/	1970-01-19 22:50:21	Name: pid_324 Value: 5134455419440117170
.servenobid.com/	1970-01-19 22:50:21	Name: pid_317 Value: 791666441177780617
.analytics.yahoo.com/	1970-01-20 07:27:18	Name: IDSYNC Value: 18z8~21if
.yahoo.com/	1970-01-20 07:26:14	Name: A3 Value: d=AQABBC3Wj2ECEMAwwKCw1mtkYBHlcON10oUFEgEBAQEnkWGZYQAAAAAA_eMAAA&S=AQAAAujTQpfEyqWGuYzA_vCnt0I
.adnxs.com/	1970-01-20 00:49:52	Name: uuid2 Value: 8853291561707285166
.servenobid.com/	1970-01-19 22:50:21	Name: pid_333 Value: YY_WLY1H7VmFwmavD_OjgQAABIMAAAAB
.adfarm1.adition.com/	1970-01-20 00:49:52	Name: UserID1 Value: 7030073032116140187
.adform.net/	1970-01-19 23:23:28	Name: C Value: 1
.onaudience.com/	1970-01-20 07:25:52	Name: cookie Value: 680c7375d4671c7b
.onaudience.com/	1970-01-19 22:41:42	Name: done_redirects104 Value: 1
.mathtag.com/	1970-01-20 08:06:11	Name: uuid Value: 9fd7618f-d62c-4200-bf98-338bc4901456
.simpli.fi/	1970-01-20 07:27:18	Name: suid Value: 2C951C9541484731911EFFF5E0912178
.turn.com/	1970-01-20 02:59:28	Name: uid Value: 2986191211660045799
.rfihub.com/	1970-01-20 08:01:52	Name: eud Value: H4sIAAAAAAAAAFslxmtoZmxmYWhmYmRpZGR0ShyJb2hkAgAzRqnkIAAAAA
.pubmatic.com/	1970-01-20 00:49:52	Name: KRTBCOOKIE_57 Value: 22776-4876386925082413748
.pubmatic.com/	1970-01-20 00:49:52	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 00:49:52	Name: KRTBCOOKIE_80 Value: 22987-CAESEM2Hq6p07DDZckwEwe0QerA&KRTB&16514-CAESEM2Hq6p07DDZckwEwe0QerA&KRTB&23025-CAESEM2Hq6p07DDZckwEwe0QerA
.servenobid.com/	1970-01-19 22:50:21	Name: pid_309 Value: e_2303c004-94ba-4102-a062-052a262a8952
.bidswitch.net/	1970-01-20 07:25:52	Name: tuuid Value: 6561a5d6-93f6-41fc-83ce-f90baf8695da
.bidswitch.net/	1970-01-20 07:25:52	Name: c Value: 1636816429
.bidswitch.net/	1970-01-20 07:25:52	Name: tuuid_lu Value: 1636816429
.de17a.com/	1970-01-20 07:18:40	Name: guid2 Value: 1.5298848956256377212
.3lift.com/	1970-01-20 00:49:52	Name: tluid Value: 11033256105798418974
.openx.net/	1970-01-20 07:25:52	Name: i Value: 3a44d484-5b1b-4e34-8d09-612d2df99a24\|1636816429
.adform.net/	1970-01-20 00:06:40	Name: uid Value: 5764881899331980873
.pubmatic.com/	1970-01-19 23:23:28	Name: SPugT Value: 1636816428
.creativecdn.com/	1970-01-20 07:25:52	Name: u Value: cPaP6dDmYorXe0yQTDNh
.creativecdn.com/	1970-01-20 07:25:52	Name: ts Value: 1636816429
.adsrvr.org/	1970-01-20 07:25:52	Name: TDID Value: bc278112-f222-45ba-9a4a-207e71f23e0a
.casalemedia.com/	1970-01-20 07:25:52	Name: CMRUM3 Value: e6618fd62d2760&b0618fd62d05a00&bf618fd62d05a0&27618fd62d0b40&03618fd62d05a0&f1618fd62d05a0&04618fd62d05a0&2d618fd62d2760CAESEKLxqrKxRKgXPvxZcngxtvs
.pubmatic.com/	1970-01-20 07:25:52	Name: KRTBCOOKIE_27 Value: 16735-uid:7787618f-d62c-4100-93b9-baf573fa22e1&KRTB&16736-uid:7787618f-d62c-4100-93b9-baf573fa22e1&KRTB&23019-uid:7787618f-d62c-4100-93b9-baf573fa22e1&KRTB&23114-uid:7787618f-d62c-4100-93b9-baf573fa22e1
.pubmatic.com/	1970-01-19 23:23:28	Name: KRTBCOOKIE_391 Value: 22924-2675393310278944215&KRTB&23263-2675393310278944215
.pubmatic.com/	1970-01-19 23:23:28	Name: KRTBCOOKIE_336 Value: 5844-5298848956256377212
.adsrvr.org/	1970-01-20 07:25:52	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiO0eekx7CTOhAFGAUgASgCMgsIzJG_0d2wkzoQBTgB
.pubmatic.com/	1970-01-20 00:49:52	Name: KRTBCOOKIE_377 Value: 6810-bc278112-f222-45ba-9a4a-207e71f23e0a&KRTB&22918-bc278112-f222-45ba-9a4a-207e71f23e0a&KRTB&23031-bc278112-f222-45ba-9a4a-207e71f23e0a
.pubmatic.com/	1970-01-19 23:23:28	Name: PugT Value: 1636816429
.everesttech.net/	1970-01-20 07:25:52	Name: everest_g_v2 Value: g_surferid~YY-WLQAAAPUhkwBG
.postrelease.com/	1970-01-20 07:25:52	Name: opt_out Value: 1
.a-mo.net/	1970-01-20 07:25:52	Name: amuid2 Value: e5db435e-d7ea-4031-8c43-20950b5a39b2
.servenobid.com/	1970-01-19 22:50:21	Name: pid_327 Value: e5db435e-d7ea-4031-8c43-20950b5a39b2
ads.avct.cloud/	1970-01-20 07:25:52	Name: uuid Value: 6366cde9-183f-4834-a054-7f940af52a1a
.crwdcntrl.net/	1970-01-20 05:09:04	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:09:04	Name: _cc_id Value: 865a12592e1edabab7ede6f59971c427
.crwdcntrl.net/	1970-01-20 05:09:04	Name: _cc_cc Value: "ACZ4XmNQsDAzTTQ0MrU0SjVMTUlMSkwyT01JNUsztbQ0N0w2MTJnAILE%2Fmu6IBoKAGASCxA%3D"
.crwdcntrl.net/	1970-01-20 05:09:04	Name: _cc_aud Value: "ABR4XmNgYGBI7L%2BmC6SgAAAYmgH0"
.onaudience.com/	1970-01-19 22:41:42	Name: done_redirects219 Value: 1
.360yield.com/	1970-01-20 00:49:52	Name: tuuid Value: 98b4ded4-12af-46ea-8c6c-ca8803389735
.360yield.com/	1970-01-20 00:49:52	Name: tuuid_lu Value: 1636816429
.tidaltv.com/	1970-01-20 07:25:52	Name: tidal_ttid Value: 9e576311-9bab-4a9e-ab48-8350f2942be0
.zeotap.com/	1970-01-20 07:25:52	Name: zc Value: 5d909844-73c2-4691-7e88-9eb356a11056
.zeotap.com/	1970-01-19 22:41:42	Name: zsc Value: k%C1%06%CF%FBO%F0%92G%9E%1B%1B%17%17%21%8F%F9x%99%04%A8dN2%A2%FD%5EH%FC%9E%AE%18%AF%AF%9B%1A%8D%DBdq%8C%D5%1E%82l%40%81%A7%E2%E7%E1%FC%27%D6%1E%99%C0%AEY7%5D%E5%A7%F9T%AB%0AX%B7%11%0E%A7%0A%1D%B3%0F2%DC2%0B%FE%B9O
.tidaltv.com/	1970-01-20 07:25:52	Name: sync-his Value: "H4sIAAAAAAAAADM0sjQ2tTI0NgMAgFGRTwkAAAA="
.technoratimedia.com/	1970-01-21 18:28:16	Name: tads_uid Value: GDPR
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: d7d018da7ffdc8da
sync.srv.stackadapt.com/	1970-01-20 07:25:52	Name: sa-user-id Value: s%3A0-4400c6f5-98f5-4f51-523b-94afd25eaefb.SNUI43Lg%2BSOPR8sGfl0LEaPqGedOmurSxlUUD5BwPZc
.srv.stackadapt.com/	1970-01-20 07:25:52	Name: sa-user-id-v2 Value: s%3A0-4400c6f5-98f5-4f51-523b-94afd25eaefb%24ip%2491.199.118.155.PNBIgNmMHKiyOWDhz3ugMhK8HN9uLQLjc6wg5rsIDOE
.ipredictive.com/	1970-01-20 07:25:52	Name: cu Value: 4df47ead-4494-11ec-a962-b5def777d2db\|1636816429536
.outbrain.com/	1970-01-20 00:49:52	Name: obuid Value: 9d9a789d-bde8-4b6a-8591-d94df84b2352
.zemanta.com/	1970-01-20 07:25:52	Name: zuid Value: Nw_ZXo5LWvJ7E3hzgFym
.smartadserver.com/	1970-01-20 08:09:04	Name: csync Value: 22:5764881899331980873\|49:7030073032116140187\|96:9e576311-9bab-4a9e-ab48-8350f2942be0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://91.199.118.155.de.pin6.295673402.pixel.archive.md/x.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9454946816537646&output=html&adk=1812271804&adf=3025194257&lmt=1636816425&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Farchive.md%2FhhJwM&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636816425669&bpp=4&bdt=815&idt=201&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=438868652872&frm=20&pv=2&ga_vid=661111166.1636816425&ga_sid=1636816426&ga_hid=1861197712&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2023808963726945&pem=684&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=224 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/1271204050105835077/cs2204g0024_081_585117_de_cs_co_fy22q4_oa_bf-presale_728x90.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

91.199.118.155.de.pin6.295673402.pixel.archive.md
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ads.avct.cloud
ads.pubmatic.com
ads.servenobid.com
adservice.google.co.uk
adservice.google.com
adservice.google.de
archive.md
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cdn4.buysellads.net
ce.lijit.com
cm.g.doubleclick.net
contextual.media.net
creativecdn.com
cs.emxdgt.com
d5p.de17a.com
dis.criteo.com
dmp.brand-display.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jadserve.postrelease.com
match.adsrvr.org
match.deepintent.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.33across.com
pixel.onaudience.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
rtb-csync.smartadserver.com
rtb.gumgum.com
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
sync.tidaltv.com
t.adx.opera.com
tg.socdm.com
token.rubiconproject.com
top-fwz1.mail.ru
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
uuid
www.google.com
www.googletagservices.com
x.bidswitch.net
91.199.118.155.de.pin6.295673402.pixel.archive.md
ads.servenobid.com
dmp.brand-display.com

104.111.215.191
142.250.184.194
142.250.186.66
146.59.148.16
147.75.38.124
15.197.193.217
151.101.66.49
162.210.196.208
169.197.150.8
169.50.137.184
178.162.133.149
178.250.0.163
178.250.2.131
178.250.2.146
18.156.0.31
18.185.209.98
18.195.155.181
185.184.8.65
185.255.84.151
185.29.132.241
185.33.221.90
185.33.221.91
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.86.139.113
185.86.139.94
193.0.160.129
193.122.130.38
198.148.27.140
198.47.127.20
2.18.232.130
2.18.233.180
2.18.234.21
2.18.235.93
2001:678:cb4:bbbb::11
202.241.208.55
208.100.17.175
209.54.180.3
213.155.156.168
213.19.147.45
216.52.2.48
217.69.133.145
23.37.42.132
23.79.143.124
2606:4700:10::ac43:db6
2606:4700:20::681a:8a9
2606:4700::6812:272
2620:1ec:46::44
2a00:1288:110:c305::8000
2a00:1450:4001:811::2003
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2006
2a02:2638:1::13
2a02:2638:1::3
2a05:d018:24:b002:2591:850:d183:b9b4
34.107.148.139
34.232.92.67
35.153.224.87
35.244.159.8
37.157.2.237
5.188.88.193
50.31.142.159
51.89.9.252
52.16.241.140
52.17.151.21
52.208.210.171
52.211.147.79
54.87.192.123
63.35.242.195
67.202.105.21
69.173.151.100
70.42.32.95
76.223.111.18
82.145.213.8
85.114.159.118
94.31.29.32
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
007e751a8c84da12dd1a06d4d9584db3bbc7a33580e0ec16179128c1e13c08b8
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69
071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0cbeb82560bf125d7d14daf8191bdc4c665724cd571f74ebb47f2b3db482add9
0d29f9bfa31123f6cd437f9f248afccc3794428f5a20ce80d0b93882f602dc84
0dbaf969fd6f68c6f8d99e39c929aabe7d3990a694648bb04ff75c6854d1ba98
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fbca99ceacc1837450eb17c46332320c6a4d5bdf0aebab92266ad089be1e9b9
0ff42fd75f8f165a9ad7d8e2a7bf04bf49064041b4d3e35f2f9c702b1f0592a8
1201e386b896efdef9108ef40d2a52d198ffa273aeb70ef1ba077ea65983c3df
1367df90ed5bb6e37690dad4c0f1d7ff31b124868686de880fae0604ad9c0e7a
14c4aaa914e72805a884790e1731c43c1d5295f6f3c5ba49886f790685116407
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18effc3e1d7d2666081661e5cdb15fb6827743fe7614020981957a583b43b277
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
259f5e7f56e5f41dc5b994ce3745ab85ba7dc41237f101128cd832350ba15a65
26c759badd0513d9404e6b8820d36253e8622bef516c6f8c2a9e36172bfb4a97
2827ed06dc68c3072061b21b8132328e59534ee20468a5d2c5a217fae9fd6638
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
2b8a019c566a194e76e9bb7eed737c34692f5b0c84d7764a1433cd9fb41c3d9d
2face8b4fcda787d69d7e7fd2f3a6a913e5281d40161348dd64b30a15a1760d7
31d5648df5eebdf3d492b355285870ced53b93143889c04edf9deb94357dd6e6
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
34404bb3a946a7996e6d791d22c50a538f23e365cb1c8e8cc85d9783ace86b42
345512a51cb823e2fb0b081f3e1e7ca5b1001150f54dd34c928c842e5f14271a
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3889ae685af7cc08c4a1f5765c7324942bb1f2d3dc89eb88c70947daa730d9fa
3d1ce10febc8ec99c731c214836bc3effb8e684b481dfa57347510d4ef1f47fa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44378d4ab3facc1984d5a23816a7c8c4fee1e7ecc0918fec19421a39985d4227
44ad17dd9f7575456243736c32b3c59a8c5373aba00473c81c701582e9ccea20
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
497657a7cac62efb984441fcd253b19e2c81db3c6aca5ce40f48afc1a58b815c
4cdf461ea92a075ca567edf8798d3c9e417c4ec08970b508972e5b6f794f256d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50e97ad557129033ec1aec0ba02350297e2dee07a2a836e785b6033613f4d615
536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
601e8630cf738da5b6b4324edf5ea5d9deba117fdfc901252d9b66387cca8d56
61de2c1b3920138f55245cdc7d1111c5bfc81a3cea2c8ab4916f46db6593dfa0
6229a2b2a747f1254084c466bc3173c5612e4a1922baac912fdfea01a6448448
62996bc7684e6e0e9c3276dd31be43018bf4988f790dccf3b8b560a0e3bb9fb9
63813c7b8b580e0e90bd289c8f33a5d4fb3109b6213ebed12b6620bfb5c71f6e
640bb3a95a370ddf0166fc369a44b63363a2174d1838350118ffe0ecb7000b1d
654d6cbb0b69f6645467007383502c4ed3ea983672296f175ee22d2b425b4f8b
66197060c2bc8edf7fc6f24ce19f6f4075a9317f55f5842851bbead9ff373efd
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
75b293f934997ae32301e710fbe6be27fe8c12b807952fa76c39aa83a4d2b205
7640ef31af160f781c9d324ab6b6fb8048fe1f27ec3a251433c610f764104213
777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b
7d81272fb54869b75749212480c2f9b25e3d4de69191a03fd3920bdf9bc07123
8058607837da5274be69ccf94da48f53295e5d8cb0e3edc280a2afb9cbe86135
806c92314249d7a94bcb05048035229bb420328af96c946d92cda9a8f2558931
82a66857df1a6a343f72ea9e41b3dc46ff03ed8ecaa3f6c1e50f29c3b335339a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8591deeed80ff2f6b240bd53ae0186fb91f99227172ce770627185f23c155273
87508ca62e6a3cc9faf276f22afad75862db1f2bebf53dddcb6ca992f8ed7ce3
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e21a6fbb3e4a85fcfa1129061c5e496d7936ad07e5b3fe0666c1e6fcdc134c9
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
97a875da6997754b6f65c2c95409e082e3b32bec03b6ac3e44e98cbb28c65e85
9c322f1509cc88439bd8d188ab48d2d6d6cf5de7ce41981d16c1e113ac2b80b6
9eefee4260649b015cb80f0cb6ce80533c2168ac20e9d7433a5d0d5a906e11ac
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0bcda4d3e86c2bca85fc89dd3990e7f3b2272f0e20e7e03d60384a4c4103145
a1ff13e9dac8f8b478d1484079b1e089b8867777937f85818f3a8c3bfa45f41b
a2359f45facc7fc10aec799a6822bf24a9ccb2f27c7bbb0c7c9471d5437987cc
a2e3082adef49efa3b0a76790302f4b1438171ea3b770020d714498f3ade063b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a75eb4d330d0ebbd230003ec14c9b94c5eb8520456dce5f16a8ffb86fd22268c
a88ad69a6fc0fc3ccf761b2036d46b42541bb3540b8baeacdce77eff11f024f0
ad2ad26a786b69e2a2e9a3d7fbd4dea09913be2990b40f0678225c1cfbe38baa
af7b6948153e403d74bc9d6ff890a70bc81f956901be39ef0f2ec4f71fb97066
afb7cbbcc5527f3174605e97940c1dcbd8b759835a37289434c805f1630abdfc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1778f51974be001b5d3c1117902e64a56ee0ad3c11b7e46b41c65fc1f792f27
b4e901ab20acae758e69d84ff6cf957eae164db569aba01bc84704eceaedd13d
b68ec6cb015714a5ba472ada3c173aa5c31a427739641b882a2fd96b7ab9896b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf23fbb33279d6fa909a75a83eb3b673808bce6e515003779811d78195a54052
c1bf5da6eb2aae44484a9f1f8e1dae3ffc8014a0fe755cb9c8f410a4ee31f363
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c54b21ff24f65ba1228b3df5080c86accaa5bb3913b6894b2cd589caf13164db
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c8f5733c67f5b9c49cbc0211b9e6bdb24bf367e2680e93eea22d7e481c2a56a8
ca6417e35a032113b99da30054ccc27db57a006831078a48a4a78440fd0052bf
cabc9ebc40d02fd917fa50fc4309d159fd6a0db1d191db1204499fe796b9df1c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1bfcdd641bc7ea7d3f498da18eb229eb6a7e72549f8590a5ed77afb50469f9a
d22c0b01cb635070d2aef3f9f3343b4e5dc405654232a56bb677623152669b0c
d2d3e62be49a950029e24adea571c09bb20f4e208df3ba0e6f18ee613446f466
d3b601b279450f2250939c3aae6d24b2f06070ca96d734f178e563ef01dd561f
d44320cfd4ced3d38015d560d5826c48dee1aae4f8555a0f266f8d3b313f4542
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d95a637fa3fdb849be70753afbdebc7437f00ba1dd70b4e2e6c5bc7b80fd9014
d9f4df9989372c052ac983e82ef89e55a82607a87404449210e5859912221112
d9f868ec412dfe33d60af6f3026ebc9ecdf2c332355b51eb99f459191824b280
db5f411f7205ec2bbbc73f359461682f01f5dab26cebfa18c2c3cdebefa4d38c
dd78fae03a33386adcad971fee9eabba162a506dd32d893be32f40c1c1c0943f
dee98a943c855056022f9175848c4f3abc659b6b104862236d25536c74cde0c7
e0dbfd9b406f997ebd46b3e29bab17dca9003680d679fdf76513ca60670e3eeb
e0fc47a38e5c40073973ca37fdbc8b41475da45b0c3e184e054c36679dc218d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4895dfba35b64927c6341f5a657d8ed18257cf7acd3444bf45b45ea63603ad4
e4cb91f22e324b0b58adfce621d3a7a52a4db55a2f9ac16a32dea238f71991de
e6a8a17e57bb34e20a24d329f691fc8218628351cc56ba07a618b1afc5eebef7
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea1ee744cf754d825e98c15e110488d990b780b2a21cb8aa22c227ba0282a99d
ee507937a0411746f520226b235dc1d9d11408cfcae1ff5d8b3a4e78a44c611b
ee601353c271483d5f127e2684fa98b9858b695caf1b98ceef4a6daf55e5dfec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f179f56e2112dfa1ef9eacd3ee654397ac38c25e8c26508abbe1d042d7fd5242
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f4425e13adb55e5f2d0327833fa4c3a8222c40abce62c293b1e73f13da5f74ed
f54b65e5ef7387b69c8643b7cfda86eb03233e32b5c4ea8dae28aa6775acde34
fc01c795cec83dae195f75b6acc204f19025882ed82438255cbb533fe3c2bc67

archive.md Open in urlscan Pro 5.188.88.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

190 Requests

78 %HTTPS

21 %IPv6

67 Domains

94 Subdomains

56 IPs

11 Countries

2399 kBTransfer

4519 kBSize

89 Cookies

1 Outgoing links

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

archive.md Open in urlscan Pro
5.188.88.193 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

78 %
HTTPS

21 %
IPv6

67
Domains

94
Subdomains

56
IPs

11
Countries

2399 kB
Transfer

4519 kB
Size

89
Cookies

190 HTTP transactions
17 data transactions