archive.md Open in urlscan Pro
185.101.35.175 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://archive.md/IOX8Q
Submission: On October 20 via api (October 20th 2023, 8:14:46 pm UTC) from CZ — Scanned from NO

Summary HTTP 56 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 19 domains to perform 56 HTTP transactions. The main IP is 185.101.35.175, located in Norway and belongs to SERVETHEWORLD-AS, NO. The main domain is archive.md.
TLS certificate: Issued by R3 on September 7th 2023. Valid for: 3 months.

This is the only time archive.md was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.101.35.175 185.101.35.175	34989 (SERVETHEW...) (SERVETHEWORLD-AS)
3	2606:4700:e0:... 2606:4700:e0::ac40:6621	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	64.20.35.44 64.20.35.44	19318 (IS-AS-1) (IS-AS-1)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2602:803:c003... 2602:803:c003:200::37	26667 (RUBICONPR...) (RUBICONPROJECT)
8	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	23.218.210.30 23.218.210.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	5.101.110.225 5.101.110.225	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
56	25

1 185.101.35.175 (Norway)

ASN34989 (SERVETHEWORLD-AS, NO)
PTR: vps-175.35.101.185.stwvps.net

archive.md	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e0::ac40:6621 (United States)

ASN13335 (CLOUDFLARENET, US)

a.publir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.publir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.20.35.44 (United States)

ASN19318 (IS-AS-1, US)
PTR: bid.glass

bid.glass	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::37 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.101.110.225 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: ams3.digitaloceanspaces.com

olma.ams3.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	88 KB
8	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	58 KB
7	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 563 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 9971 eus.rubiconproject.com — Cisco Umbrella Rank: 662 token.rubiconproject.com — Cisco Umbrella Rank: 504	20 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443	39 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1696 mp.4dex.io — Cisco Umbrella Rank: 2423	26 KB
3	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 9006	20 KB
3	publir.com a.publir.com — Cisco Umbrella Rank: 47089 analytics.publir.com — Cisco Umbrella Rank: 50425	174 KB
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 470	963 B
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1374	104 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1145	270 B
1	digitaloceanspaces.com olma.ams3.digitaloceanspaces.com	1 MB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	59 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 2049	47 KB
1	media.net prebid.media.net — Cisco Umbrella Rank: 1420	728 B
1	bid.glass bid.glass — Cisco Umbrella Rank: 141831	317 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 261	614 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581	109 B
1	archive.md archive.md 178.255.148.170.no.stw1.355655810.pixel.archive.md Failed	23 KB
0	rlcdn.com Failed api.rlcdn.com Failed
56	19

	Domain	Requested by
11	pagead2.googlesyndication.com	archive.md pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	s0.2mdn.net	archive.md s0.2mdn.net
3	fastlane.rubiconproject.com	a.publir.com
3	top-fwz1.mail.ru	archive.md top-fwz1.mail.ru
2	id5-sync.com	a.publir.com
2	googleads4.g.doubleclick.net	archive.md
2	eus.rubiconproject.com	archive.md eus.rubiconproject.com
2	tpc.googlesyndication.com	archive.md tpc.googlesyndication.com
2	googleads.g.doubleclick.net	archive.md pagead2.googlesyndication.com
2	i.clean.gg	cadmus.script.ac
2	script.4dex.io	a.publir.com script.4dex.io
2	a.publir.com	archive.md a.publir.com
1	lb.eu-1-id5-sync.com	a.publir.com
1	olma.ams3.digitaloceanspaces.com	s0.2mdn.net
1	www.googletagservices.com	s0.2mdn.net
1	token.rubiconproject.com	eus.rubiconproject.com
1	beacon-ams3.rubiconproject.com	archive.md
1	cadmus.script.ac	script.4dex.io
1	mp.4dex.io	a.publir.com
1	prebid.media.net	a.publir.com
1	bid.glass	a.publir.com
1	ib.adnxs.com	a.publir.com
1	hbopenbid.pubmatic.com	a.publir.com
1	analytics.publir.com	a.publir.com
1	archive.md
0	api.rlcdn.com Failed	a.publir.com
0	178.255.148.170.no.stw1.355655810.pixel.archive.md Failed	archive.md
56	27

This site contains links to these domains. Also see Links.

Domain
archive.today
buymeacoffee.com

Subject Issuer	Validity	Valid
archive.md R3	`2023-09-07` - `2023-12-06`	3 months	crt.sh
publir.com Cloudflare Inc ECC CA-3	`2023-05-17` - `2024-05-16`	a year	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2023-10-06` - `2024-11-06`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
webmail.onezo.org R3	`2023-10-03` - `2024-01-01`	3 months	crt.sh
prebid.media.net GTS CA 1D4	`2023-08-31` - `2023-11-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-01` - `2024-07-31`	a year	crt.sh
cadmus.script.ac E1	`2023-09-02` - `2023-12-01`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-09-17` - `2023-12-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.ams3.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-24` - `2023-12-07`	a year	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://archive.md/IOX8Q
Frame ID: 11F09FE5A97BDAB5BC1977DC947067FB
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJbJtwEQ4Iu7wAUYpI-0-gEwAQ&v=APEucNWCH92FUCkLZvsgApDueGvI2hWtz9x35Lz-lXJRAJj1cBch8qSNM9dI8ukUWG31TWHgI8p7Y0240WsaTBOmpFocCILArg
Frame ID: 59F87EB5B20446D68EC942889856C87B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 9180344FAF1CD3D93FD2DAB602FB6FAA
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=no
Frame ID: 6CA35C5FF422AF5BB15AEA1197715804
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2A40FF5FC0C3CA128522F85851EB85B9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/index.html?ev=01_250
Frame ID: 5E1B48FA338FE99AFE7D7765FB090F5C
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Packs de Cp 100 GB MEGA 2023 - PACK CP 2023

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

56
Requests

96 %
HTTPS

46 %
IPv6

19
Domains

27
Subdomains

25
IPs

6
Countries

2028 kB
Transfer

3302 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://archive.today/
Title: archive.todaywebpage capture

Search URL Search Domain Scan URL

URL: http://buymeacoffee.com/archive.today
Title: Buy me a coffee

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request IOX8Q Show response
archive.md/ 243 KB
23 KB 828ms
687ms Document
text/html 185.101.35.175
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://archive.md/IOX8Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.175 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-175.35.101.185.stwvps.net
Software: nginx /
Resource Hash: 7919cab2af4b4dbd8da86564b0f9619e0a4f054fa28882ae6004129b50018eaa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: maxage=300
content-encoding: gzip
content-length: 22756
content-type: text/html;charset=utf-8
date: Fri, 20 Oct 2023 20:14:40 GMT
expires: Fri, 20 Oct 2023 20:19:39 GMT
link: <http://packdecp.ezyro.com/packs-de-cp-100-gb-mega-2023/?i=2>; rel="original", <http://archive.md/timegate/http://packdecp.ezyro.com/packs-de-cp-100-gb-mega-2023/?i=2>; rel="timegate", <http://archive.md/timemap/http://packdecp.ezyro.com/packs-de-cp-100-gb-mega-2023/?i=2>; rel="timemap"; type="application/link-format"; from="Wed, 27 Sep 2023 00:25:03 GMT"; until="Wed, 27 Sep 2023 00:25:03 GMT", <http://archive.md/20230927002503/http://packdecp.ezyro.com/packs-de-cp-100-gb-mega-2023/?i=2>; rel="first last memento"; datetime="Wed, 27 Sep 2023 00:25:03 GMT"
memento-datetime: Wed, 27 Sep 2023 00:25:03 GMT
server: nginx
vary: Accept-Language

GET
H2 200 1100.js Show response
a.publir.com/platform/ 22 KB
6 KB 201ms
67ms Script
text/javascript 2606:4700:e0::ac40:6621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.publir.com/platform/1100.js
Requested by: Host: archive.md
URL: https://archive.md/IOX8Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 764bfe5116da1549590d2af0922fc54cda1adc27f8a02334fabae423bc73c5cc

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:14:40 GMT
x-amz-version-id: bD.JRJQ9T.DmsynpEoC0_u92bG1MfK48
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TXN8B6QVBE4S681T
age: 7892
cf-polished: origSize=24151
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: XQAABzPBLY8y+TjnAKR2s+L3ufKez72bujYFDVqHTi9RNqMXqK7oScxUe+zgju02Ibr/H3O5Gq4=
cf-bgj: minify
last-modified: Tue, 17 Oct 2023 17:59:55 GMT
server: cloudflare
etag: W/"e9fdb5190c86b0d331bafbcc5bdbb3f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVlqJN6siSFlP0KWQVs4b40XQIoNZsJ2c0UNAdZ%2FEi4DUvphBLTj7DJ2GQufE%2F%2FgofpsDVOsFpKCEYr5B6s%2FNX06DiwKgAbwSgn0s7wQPmwrQkz6cqLkgGJA6DfHp3eqgsP3Vv9zLBaXxVg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 8193edaf4cf62df7-ARN

GET x.gif
178.255.148.170.no.stw1.355655810.pixel.archive.md/ 0
0

GET
H2 200 prebid800.js Show response
a.publir.com/platform/common/ 565 KB
167 KB 78ms
77ms Script
application/javascript 2606:4700:e0::ac40:6621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.publir.com/platform/common/prebid800.js
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/1100.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49633c21c7f51360b3d278ddc28acb5047b59206b27819ebe104bdd9586bfc7f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:14:40 GMT
x-amz-version-id: 9wB36MUTNktwwEd934w8UlI_2LiL3.zQ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: JW46TMFF2ECG289E
age: 1851057
cf-polished: origSize=579478
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: n7TF6r6G2LZ6B5dqn5Pswr+wg4XEMgXnZPum5vgGXlJfiUdXH7ahoy7onIUyiVrM3/ef4Uml5xA=
cf-bgj: minify
last-modified: Mon, 28 Aug 2023 12:11:50 GMT
server: cloudflare
etag: W/"b1064c989e72ff74d3e2d8621da06b25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9MciihISyRPuNtKLUAEQB95IlSV0pjtaTm5DP9vqx5AiJFFTQFvThQYKIS7o854WMeyi1nz2EVOmlWInlC4xsVqBVG3qEVHHo5h1D6bn3U590GzAhlXoMBkJynfiOyoyc7znFQnn6HOVW0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8193edafcd602df7-ARN

POST
H2 200 publirPageViewTracker Show response
analytics.publir.com/ 4 B
596 B 435ms
424ms Fetch
application/json 2606:4700:e0::ac40:6621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.publir.com/publirPageViewTracker
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/1100.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Referer: https://archive.md/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Oct 2023 20:14:40 GMT
via: 1.1 828a61ebc3af4e0465a5577a4c08af7a.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ARN54-C1
x-amzn-requestid: 4e498aaf-48a2-4383-ae19-5078a4ac24c9
x-cache: Miss from cloudfront
x-amz-apigw-id: NHfjpGlCoAMFbTA=
content-length: 4
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-amzn-trace-id: Root=1-6532dfb0-1f7c44ee24fbca74454d88fa;Sampled=0;lineage=aff9ae5f:0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwErMN%2BQrhBmSb%2BkU1AMYaIfOCxp5UuD1IkEN4sHjNVUmpycAzd9Q8Upsp50Y%2FWjBmc5sxSrGPY1XjeGKWgzsGeLP3uP3wTBzRWZ9CRUyHCRS52HXJOb573fFf6MrDyV59S8xdJbLoFS2lJc13ToRLg4Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8193edafdd722df7-ARN
x-amz-cf-id: DdgCQHLlMU0LCk5IP5ORaTyGxKjnuFv4Yp8_Qj_IDNtktjqCNgUJqg==

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18b6c93a1c96a4604490c8c487e6592c6eaa37d4018ec6cbfc51a621202ded33

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 783 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8591deeed80ff2f6b240bd53ae0186fb91f99227172ce770627185f23c155273

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 942 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44ad17dd9f7575456243736c32b3c59a8c5373aba00473c81c701582e9ccea20

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afb7cbbcc5527f3174605e97940c1dcbd8b759835a37289434c805f1630abdfc

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f54b65e5ef7387b69c8643b7cfda86eb03233e32b5c4ea8dae28aa6775acde34

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 858 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0bcda4d3e86c2bca85fc89dd3990e7f3b2272f0e20e7e03d60384a4c4103145

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 42 KB
18 KB 385ms
187ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: archive.md
URL: https://archive.md/IOX8Q

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

e8784cf600efa5162eecb46132810cb58c14dab82fd4bfdfcfca7d0c7d7feea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Tue, 17 Oct 2023 07:17:39 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"652e3513-a922"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Fri, 20 Oct 2023 21:14:40 GMT

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
996 B 94ms
93ms Ping
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2825109;u=https%3A//archive.md/IOX8Q;st=1697832880622;title=Packs%20de%20Cp%20100%20GB%20MEGA%202023%20-%20PACK%20CP%202023;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=381ac5934212aade;ver=60.3.0;tz=-120%2FEurope%2FOslo;ni=10//4g/0/0/;lvid=1697832881018%3A1697832881038%3A1%3A296530a96babd39f5f4634baf8a45fcc;visible=true;_=0.21111894272380716

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://archive.md/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 20 Oct 2023 20:14:41 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://archive.md
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://archive.md
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: https://archive.md
access-control-allow-headers: *

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 4 KB
2 KB 252ms
87ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:14:41 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 02 Oct 2023 15:19:34 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1273728
ETag: W/"4689fed115ceb1ec0446e336376eed1e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFWedlLViDUtTv4al%2BBBfkM8J8vQ2W6Zf8uTFIZGwwn75tNKsw03TYyC8M7mQGC3ifhcHOITX6txXU9BE2Isi2b586dQuRxY66%2Ft11AsSP4Ar%2FbSDfzWop4tHpFQoEWIy7XRSBgg1jrtMzDs"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 8193edb3dc4f653b-LHR

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 337 B
847 B 326ms
173ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=418560&zone_id=2368166&size_id=9&rp_schain=1.0,1!publir.com,97921100,1,,,&rf=https%3A%2F%2Farchive.md%2FIOX8Q&tg_i.domain=archive.md&tg_i.page=https%3A%2F%2Farchive.md%2FIOX8Q&tg_i.pbadslot=div-hre-Archive-Today-581&tk_flint=pbjs_lite_v8.0.0&l_pb_bid_id=21eebf8f4116cf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.0709613017460311
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid800.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bb5f312a692fa6046d296d28ca827e8ce219ba3fdd4872a1842c138de4aeeef3

Request headers

Referer: https://archive.md/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 20:14:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://archive.md
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 337
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 12 KB
6 KB 339ms
186ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=418560&zone_id=2368168&size_id=9&rp_schain=1.0,1!publir.com,97921100,1,,,&rf=https%3A%2F%2Farchive.md%2FIOX8Q&tg_i.domain=archive.md&tg_i.page=https%3A%2F%2Farchive.md%2FIOX8Q&tg_i.pbadslot=div-hre-Archive-Today-582&tk_flint=pbjs_lite_v8.0.0&l_pb_bid_id=34d0f3c0db7f84&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6699014006665083
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid800.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8a6e2e1a46bbe902b36f211667e4fbb3d6510acfb685cca251f03d57c90999d0

Request headers

Referer: https://archive.md/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 20:14:41 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://archive.md
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 337 B
675 B 344ms
192ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=418560&zone_id=2368164&size_id=2&rp_schain=1.0,1!publir.com,97921100,1,,,&rf=https%3A%2F%2Farchive.md%2FIOX8Q&tg_i.domain=archive.md&tg_i.page=https%3A%2F%2Farchive.md%2FIOX8Q&tg_i.pbadslot=div-hre-Archive-Today-583&tk_flint=pbjs_lite_v8.0.0&l_pb_bid_id=421ff06e437d7f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8625573392582675
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid800.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ad328779b4901492786c9b6ec84f7185a046f43bb5bda9a09eace1d8b6579d5e

Request headers

Referer: https://archive.md/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 20:14:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://archive.md
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 337
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
109 B 232ms
76ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid800.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://archive.md/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://archive.md
date: Fri, 20 Oct 2023 20:14:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 53 B
614 B 223ms
74ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid800.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://archive.md/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 20:14:41 GMT
an-x-request-uuid: 928c3c4d-80a4-444d-941b-4fd6f62a984d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://archive.md
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.255.148.170; 178.255.148.170; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 53
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK hb.php Show response
bid.glass/ad/ 19 B
317 B 436ms
141ms XHR
application/json 64.20.35.44
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.glass/ad/hb.php?src=prebid_prebid_8.0.0
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.20.35.44 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: bid.glass
Software: Apache /
Resource Hash: 487b5488b23125ce4f63c52d2d9728daa38a917649f5b229f5fa1fa6213005a1

Request headers

Referer: https://archive.md/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Oct 2023 20:14:41 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Keep-Alive: timeout=1, max=100

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 334 B
728 B 205ms
87ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU94KNQI
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid800.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 2a60168ae93a37009c445f0fcc0cb151b09a2fe8e292f584e7ed740446aea16c

Request headers

Referer: https://archive.md/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 20:14:40 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://archive.md
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 20 Oct 2023 20:14:41 GMT

POST
H2 204 prebid Show response
mp.4dex.io/ 0
281 B 188ms
82ms XHR
text/plain 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid800.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://archive.md/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 20:14:41 GMT
x-err: Parsing the Prebid Request. adrequest and manager domains do not match
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://archive.md
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8193edb38a9cb503-OSL
expires: 0

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
999 B 94ms
93ms Ping
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2825109;u=https%3A//archive.md/IOX8Q;st=1697832880622;title=Packs%20de%20Cp%20100%20GB%20MEGA%202023%20-%20PACK%20CP%202023;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=381ac5934212aade;ver=60.3.0;tz=-120%2FEurope%2FOslo;nt=0/0/1697832879541/////0/41/41/41/142/90/142/829/879/833/1081/1081/1081/1500/1500/1540;ni=10//4g/0/0/;lvid=1697832881018%3A1697832881084%3A2%3A296530a96babd39f5f4634baf8a45fcc;visible=true;_=0.6640796720243678;e=RT/load;et=1697832881081

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://archive.md/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 20 Oct 2023 20:14:41 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://archive.md
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://archive.md
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: https://archive.md
access-control-allow-headers: *

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 132 KB
47 KB 166ms
57ms Script
application/javascript 2606:4700::6812:1691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b76fee2711a5ad963ea92ffda8f30870fe9ad7d544d5eaf55ba6a43a2d5d32f3

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:14:41 GMT
content-encoding: gzip
last-modified: Fri, 20 Oct 2023 16:18:03 GMT
server: cloudflare
age: 0
etag: W/"67e8e96dae06a1f9b3ffb0918bbde23a596265fc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 8193edb4fa6bb523-OSL

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 204ms
76ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:14:41 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1572549
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Oct 2023 15:19:33 GMT
Server: cloudflare
ETag: W/"0680a0a53dae661d4707e1cc0f6bc95a"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUw2KLgzOgmuIlM7djexy%2BlU3%2FX%2FDy%2FVCBzFgxEHScO9cPrfJpg4k6RbYRsBcFtbZUOe1pFqU7qQjZMvdvs6SSDopfBwUBrCabrn0kLyEKGUn1SCkgRF1WBDcA8b%2FNrok2gbdzw7TchClaWV"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 8193edb51f68be53-CPH

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 269ms
153ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://archive.md
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 20 Oct 2023 20:14:41 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 156ms
155ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://archive.md/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 20 Oct 2023 20:14:41 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 59F8 0
466 B 310ms
124ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJbJtwEQ4Iu7wAUYpI-0-gEwAQ&v=APEucNWCH92FUCkLZvsgApDueGvI2hWtz9x35Lz-lXJRAJj1cBch8qSNM9dI8ukUWG31TWHgI8p7Y0240WsaTBOmpFocCILArg

Requested by

Host: archive.md
URL: https://archive.md/IOX8Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://archive.md/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 20:14:41 GMT
expires: Fri, 20 Oct 2023 20:14:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9180 89 KB
31 KB 366ms
170ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: archive.md
URL: https://archive.md/IOX8Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:14:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 20:14:41 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9180 42 B
110 B 315ms
121ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A7ZZW6JmdU_tvEjh1zzqqCCPAYhBLyspcPSCnmiMH1tcZ_ceMOSlhEf_M1EOOdbrz1OtDvIy_lLvAPlVfP0lc13U7qmGuarxx1WkXqKoBk5M-2g14

Requested by

Host: archive.md
URL: https://archive.md/IOX8Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 20:14:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9180 0
349 B 310ms
117ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3391862982754528853&x=8&ct=119

Requested by

Host: archive.md
URL: https://archive.md/IOX8Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 20:14:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 044fb24a-03b0-4b6b-b074-0b129e720216
beacon-ams3.rubiconproject.com/beacon/d/ Frame 9180 43 B
227 B 548ms
74ms Image
image/avif 2602:803:c003:200::37
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/044fb24a-03b0-4b6b-b074-0b129e720216?oo=0&accountId=12768&siteId=418560&zoneId=2368168&sizeId=9&e=6A1E40E384DA563B5594BB4850FAB2AADE3DACA8F6D7D5D71A8FA61533A2D444995B7C95E1CF81A796AD757B4575D9DF7A3220A15E3EC91D1C68174F1BF93A4646E1A2CE6D47A5EC3DD15F6F351E40B02E5027D981BA1AD77C5AEC6161B6D33812C3A26A9C15D53EAD16495691FBEC4A1D55C779D9F90B18B2524A140BD5C53E2605645952F60178A1EAA5486CDF8DAD39DADB4B5E577EB96B8D15AD826F2231DE51ABB6D74DBE4228CFA8B2D72252FD03CFA8E98B0F0A1FE82A954C1004678A

Requested by

Host: archive.md
URL: https://archive.md/IOX8Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::37 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 20:14:41 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9180 0
56 B 116ms
116ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9181896945700&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 20:14:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9180 0
56 B 116ms
116ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9181896945700&version=m202309260101&ct=119&x=8&cor=3391862982754529000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 20:14:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9180 91 KB
38 KB 142ms
140ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AehOM2UZFMbwMDLlojDeEV30J4xPbb6VCebsL1D-IKuS9gEjNLauuAZTA8BwfOrj9Z2rj7kmROqDtZA4f4_aprSb8p_KWmyPFqNz7P5uH13WXFmBKJEzB4Abgy-AbHckyD_-srWgyPmafO_qqVDfryd9BBvqt5FWopapfV-lGcy2vf1CVGN95iUxKCl3BiFmNFkuzz&cry=1&dbm_d=AKAmf-A5EBnpKXlbbedlIBM0ZS5WtFPm63AO89t2N7MVcCaoY8o-Z2Yq7q6CEnPJ85zUM7JHYn0SG6lCO6pMh6hh-6qh85-XXSBHMzzEFxwThdiOgPwPat-1gEOMcLwTt8KzbGokn0IVIj-utP5a1K-0Du6hgAg05y44hF5rqVnoh89NJQTnvM5_yg3La_ZFjm3Ok_fnpnMGqQyW-eEJNLJ0313Kcgu6uwRRVCNCZ4zfp2G1qvTwRfFj92ssMnug4XpZDLlzFSjyU-MxYth37n2MU2sRiQN1noRIvJiixovVkIhzHIg2KfHprLMuYtVA_hzcEEFrqGLcoku22EbZKCokzyOju4uGnrNj_8R_Yhw47appCZEI8L4hHhbHWCl9NlttLRtRaw0hfEMnAXK3WPQqRsm8I4ZO7xqsVmP5V5uP14cyLDJjRWExpcq1TbLa3BCga60B43ltKz0Hl4Rf5a1vZ2IH6jvAv7MKvLmkTMSjsYhBS9KIoCuYTBgWYMGUf40KQnrM5_gvDUVT7JxuuEUXYy1KRzB1iA5zwUVUZn7sRCN56g84J77ZrkccTBReMDCJQVjVRFJNc8EhwdvPAPuGGLB7uRZxz9tGDIO46gL5Wu-oYs7lYERwcnIeu5UK6-ryJQlsWgqg1tq4X7T75DgYjV1gTn0Fd6GkmLDHJuIZe7D7zraKjJf9JuUBi5I9esXsfErOBzRYUi0ZQ0yK48jsKqXigkCi-0YoVAyTj2vNsHqEU8F6qCnPYQ2ooY3sRYDkRGD0kt-VB6pmPvOk7RTaTlA6VaMP9aVs38PQmXf2WzGCrBZJK20vzVmjbs-gX-xXGzIoTC4LH1JnV5EIW3OwbcEBVrwBF8La8w0UkKuXxAyyz0NyE4OT5iTeQOdSykZQetxm8zBOzPn58KAaN1Qed4EuO1ilKbz_499M8SRjCF3BPDo9dtgiDFUJT0aaWYJSQqjh-nYs3fzVnQBur7KUXDAYt590dAcpf1bauLm2A-2arOYMfJHfyyX7t_5j8kh5p6KIUjJQddl1i3M4xpdUUR3FZ7g2v4-bkh-YSHP4nQxlMuHH8qO2HV5BMFWQgDHSo49qznISSfeYMh255wYp6ZL3A4QTa-GN_SvSGtsGweeVmn3vCK5oNESVc-xhP2u19N_ANrvhTZRmy_rDq2CvRubWncSOFT_J3CzxsKlhwfYaBKnoMcORzm9cs-fCalFXwtJ8Fhc5c-e6upFk4EX81P6juuQPSbraIiOG7DCIVsx7AeaAge3807tYKyY6oi02HMKdNT-LQfC0TKvw0NiKQT3-QVOve5Ecbt76JJasSSK1xKY9c-801AlUWgoe9Wx2EPvKmZIV1nQxrWYHYz_pELMW72Gd5hfJ6YreqEroLhOX0hXF7ZYfj0ZdLv8J_lmFL63stKbd_uHcwG_739vAVbZa5K7Ew0pnkE4mkW5DXKFnNKVaJkpms9zxAUvHucUB6hWPruXUhwzUEOIALYuJIYqCzI2VAKsEhZvY8OMXSX3XFSeNFVOr1xSuFVAvBkluFaMtU-Shiecl04aEprEZ8DtSGAg3WtKwdKwmObvulkd8NJ_JDFwK1IiSnOArAtbSW2nRL329p8P0AN17u_FSsetzxgn9eaPffHZGHg3yz5kDuT9OOIfuJHr9IC6dGAxrYbbgxzD0wALx-05Bz3FHdGZ9bOw9aCAwB1iWyd9r1HxIlhzELwSc8bLZHk8Lat96bXxzlVd9QJ58u4VUyhpHg946RF_Syw9YtyDy1bA4ZQ7B_cuKCje0UNnnYX3JAO5VjIaKIoc39VMLLKNqAl9GPBvQNU6Ubxan5gZpKQkG2Lnu5Yf2fahiXPY8eo6aPYA9k0b6thmn23-6tPZde5iYneCz4u7OSWzCi4-NU3kPwbwQ2mTnRwSBwiFjD7L2Jd19kbuPp2jzW9t7RcPX-zmDdYdv6jODYnVPp0HIh-Za9nsCtYNoxnmeAfpdQITMvFwEYVnkkPB0RiQf1PoYIJTPsLtok4ZVAeGFHB45ZgvMbljXs95YYDij85Eie6A5viHXXgbRQHoEix136pKS8mhBubwCluFWdI0umxLyQ_3oJC9_r_W5eocScxWUJDf9-yZq_zZmjOJzHRjQLY6BanLG_6YtzrrSyZLKSulEk36-_RL9w_XqHE8pw6VKowtlJRWZIoa-WL4H3qebbsrOm2be8HbGqhf8JgtlX86vRACEaIBCa2ONnere6-GPu63AdTIoleeURstu0xLPMtjhIt5fhCrtp1Zyrm3CEka9e-potLRiYxaeAHuyXwbbF8b3C83m_FeLjtMZ50-Ah6lEak5MPeFUyhPhY00JAEyJA817jIbdw4V4fCmyw8olkyZEtXQbpOZRazOubIfDD3yK-_I2pVqOKfJt8ZXGmqymvu1tA5gAIn8Fcx16lP9SKYQQgOnnlpKP_RnexdM3I7ivZOtNb6VOGnx5z_5OxCwoYQLaDKC3HAAwwIr-bkOLEWTMGpd0qrSJUxqeT6pdgaq9YBQoUvdrNVlZkdX8ck0hliaAfUjgxnZD6zZU9wF48TH30JvLG0oJ3ywh7yJcSouc9tyOSE7DtZvEoYm5uJhOHQAzCwkTmNFLOTiNdG17RBLHI8SYCiMOL6cGnRwkvOLA1WusOYJZPDlXcXQI7pMnxIFnUyyvJKD3zeJet3g5xTE260Mnss6VazYUWiCaFKoZXfyOv8hP-3bzXkvWOQ2NURipggLgfKJNuhZ6zuFEssZcKvG_XSC0kGSJs-dO087jd3Vf5UvX9MemZEYNPvtIT7oTjmFVzm8KlHDjgtonwLVBrZwUcv9XwzkdTZ4TRW6MFFwMVrDnuaqjU7qSjtpprI5gnOIyOiVPox43eNef5Emg8P2OnUAD3xQ3jT0ETyeN9SFOfxNaghyl_-_HxxwiNpUSLh_V5i0YJ9kbuVAcp6AJqBqQb4c0qPDtNt9mkzBrxH54PaWC61EQ2KiQCMg7PJ0-90YKnoksCnoQrdJ5ueWcQ9iALx1eOE3xmf9fii_ge355UJJypIACptiPhWfXhsaibpyo2KMNYTtwb1dm4Tjp6xUfSnPCJ5nQy7xceIOROxCbl8D8ibi7HT7M-jng1jGssuMSUZi2UYTKxr3ubDn9AKQk_mu4iHC0VR_WZHe6h4bp9mbuN8-CWrUo47nJxvHiE7erE2NI4xeHn_pIdpHADR_AJs847cEM50WVT4h7JOO5bMcgYvKGOHjDk5sSY_km-b-qgezb0tsSQ2BljreswtJ2zBj63rHnDvvcQnP3QZQTeKmLstoPBRIbG8EY-hGqxn76MX0FEIkxqH_vvtRNi2Wovf1JiCNx3QP92w2v2CS7EQ-rzIKx4GnDm6ZaoDwGAz_3bKrP9Zj0Z51kM4KNlyS0A6VxHiZphESb-SwJ02v2pXkjcFFvj7IvBr3LM7sk_Vif2zdKcmkUmj0tc8UCpAprWSdYlIdHDK3_YoZnIFBy-0UlVXV05BTnVgEp7_Jo5uodccDrkne3tZ6gn7cwH9LGoDv-YNXokyA0ehPM4G-T3E0Q3ONYsVIjT_8ORCgA3snOGtmytCT0g6UIXn8a42E6NC19PEqhArG0MJZaNwX62fqJl2z7y12xD64-zz8i0_riYUQJR_W5rU7UD1w_wWiczPhkRfAQf4UpPtb28slIBwUlzEgLge4e8lpQ2my4fPEmabyyz1RrrBObdtY0UpwvOqUNDRW4LgNsWCDG-HmOVXmepboOi2xycq-URdYTTJlspQaUz0tGr1ctcwH6KT35tVomkVNu&pr=8%3AF348BADB679BF953&cid=CAQSGwDICaaNznCLWW3iYqh1keX1hEnQdMVlxLbniRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Farchive.md%2FIOX8Q&ds=l&xdt=0&iif=1&cor=3391862982754529000&adk=3589733384&idt=420&cac=0&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2a94509174daff37a929726fdd004a17605208d10977932b10bfd2bfdd12c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 20:14:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38670
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 9180 111 KB
39 KB 276ms
83ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: archive.md
URL: https://archive.md/IOX8Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://archive.md/
Origin: https://archive.md
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 16:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13965
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Oct 2023 16:21:57 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 9180 11 KB
4 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AehOM2UZFMbwMDLlojDeEV30J4xPbb6VCebsL1D-IKuS9gEjNLauuAZTA8BwfOrj9Z2rj7kmROqDtZA4f4_aprSb8p_KWmyPFqNz7P5uH13WXFmBKJEzB4Abgy-AbHckyD_-srWgyPmafO_qqVDfryd9BBvqt5FWopapfV-lGcy2vf1CVGN95iUxKCl3BiFmNFkuzz&cry=1&dbm_d=AKAmf-A5EBnpKXlbbedlIBM0ZS5WtFPm63AO89t2N7MVcCaoY8o-Z2Yq7q6CEnPJ85zUM7JHYn0SG6lCO6pMh6hh-6qh85-XXSBHMzzEFxwThdiOgPwPat-1gEOMcLwTt8KzbGokn0IVIj-utP5a1K-0Du6hgAg05y44hF5rqVnoh89NJQTnvM5_yg3La_ZFjm3Ok_fnpnMGqQyW-eEJNLJ0313Kcgu6uwRRVCNCZ4zfp2G1qvTwRfFj92ssMnug4XpZDLlzFSjyU-MxYth37n2MU2sRiQN1noRIvJiixovVkIhzHIg2KfHprLMuYtVA_hzcEEFrqGLcoku22EbZKCokzyOju4uGnrNj_8R_Yhw47appCZEI8L4hHhbHWCl9NlttLRtRaw0hfEMnAXK3WPQqRsm8I4ZO7xqsVmP5V5uP14cyLDJjRWExpcq1TbLa3BCga60B43ltKz0Hl4Rf5a1vZ2IH6jvAv7MKvLmkTMSjsYhBS9KIoCuYTBgWYMGUf40KQnrM5_gvDUVT7JxuuEUXYy1KRzB1iA5zwUVUZn7sRCN56g84J77ZrkccTBReMDCJQVjVRFJNc8EhwdvPAPuGGLB7uRZxz9tGDIO46gL5Wu-oYs7lYERwcnIeu5UK6-ryJQlsWgqg1tq4X7T75DgYjV1gTn0Fd6GkmLDHJuIZe7D7zraKjJf9JuUBi5I9esXsfErOBzRYUi0ZQ0yK48jsKqXigkCi-0YoVAyTj2vNsHqEU8F6qCnPYQ2ooY3sRYDkRGD0kt-VB6pmPvOk7RTaTlA6VaMP9aVs38PQmXf2WzGCrBZJK20vzVmjbs-gX-xXGzIoTC4LH1JnV5EIW3OwbcEBVrwBF8La8w0UkKuXxAyyz0NyE4OT5iTeQOdSykZQetxm8zBOzPn58KAaN1Qed4EuO1ilKbz_499M8SRjCF3BPDo9dtgiDFUJT0aaWYJSQqjh-nYs3fzVnQBur7KUXDAYt590dAcpf1bauLm2A-2arOYMfJHfyyX7t_5j8kh5p6KIUjJQddl1i3M4xpdUUR3FZ7g2v4-bkh-YSHP4nQxlMuHH8qO2HV5BMFWQgDHSo49qznISSfeYMh255wYp6ZL3A4QTa-GN_SvSGtsGweeVmn3vCK5oNESVc-xhP2u19N_ANrvhTZRmy_rDq2CvRubWncSOFT_J3CzxsKlhwfYaBKnoMcORzm9cs-fCalFXwtJ8Fhc5c-e6upFk4EX81P6juuQPSbraIiOG7DCIVsx7AeaAge3807tYKyY6oi02HMKdNT-LQfC0TKvw0NiKQT3-QVOve5Ecbt76JJasSSK1xKY9c-801AlUWgoe9Wx2EPvKmZIV1nQxrWYHYz_pELMW72Gd5hfJ6YreqEroLhOX0hXF7ZYfj0ZdLv8J_lmFL63stKbd_uHcwG_739vAVbZa5K7Ew0pnkE4mkW5DXKFnNKVaJkpms9zxAUvHucUB6hWPruXUhwzUEOIALYuJIYqCzI2VAKsEhZvY8OMXSX3XFSeNFVOr1xSuFVAvBkluFaMtU-Shiecl04aEprEZ8DtSGAg3WtKwdKwmObvulkd8NJ_JDFwK1IiSnOArAtbSW2nRL329p8P0AN17u_FSsetzxgn9eaPffHZGHg3yz5kDuT9OOIfuJHr9IC6dGAxrYbbgxzD0wALx-05Bz3FHdGZ9bOw9aCAwB1iWyd9r1HxIlhzELwSc8bLZHk8Lat96bXxzlVd9QJ58u4VUyhpHg946RF_Syw9YtyDy1bA4ZQ7B_cuKCje0UNnnYX3JAO5VjIaKIoc39VMLLKNqAl9GPBvQNU6Ubxan5gZpKQkG2Lnu5Yf2fahiXPY8eo6aPYA9k0b6thmn23-6tPZde5iYneCz4u7OSWzCi4-NU3kPwbwQ2mTnRwSBwiFjD7L2Jd19kbuPp2jzW9t7RcPX-zmDdYdv6jODYnVPp0HIh-Za9nsCtYNoxnmeAfpdQITMvFwEYVnkkPB0RiQf1PoYIJTPsLtok4ZVAeGFHB45ZgvMbljXs95YYDij85Eie6A5viHXXgbRQHoEix136pKS8mhBubwCluFWdI0umxLyQ_3oJC9_r_W5eocScxWUJDf9-yZq_zZmjOJzHRjQLY6BanLG_6YtzrrSyZLKSulEk36-_RL9w_XqHE8pw6VKowtlJRWZIoa-WL4H3qebbsrOm2be8HbGqhf8JgtlX86vRACEaIBCa2ONnere6-GPu63AdTIoleeURstu0xLPMtjhIt5fhCrtp1Zyrm3CEka9e-potLRiYxaeAHuyXwbbF8b3C83m_FeLjtMZ50-Ah6lEak5MPeFUyhPhY00JAEyJA817jIbdw4V4fCmyw8olkyZEtXQbpOZRazOubIfDD3yK-_I2pVqOKfJt8ZXGmqymvu1tA5gAIn8Fcx16lP9SKYQQgOnnlpKP_RnexdM3I7ivZOtNb6VOGnx5z_5OxCwoYQLaDKC3HAAwwIr-bkOLEWTMGpd0qrSJUxqeT6pdgaq9YBQoUvdrNVlZkdX8ck0hliaAfUjgxnZD6zZU9wF48TH30JvLG0oJ3ywh7yJcSouc9tyOSE7DtZvEoYm5uJhOHQAzCwkTmNFLOTiNdG17RBLHI8SYCiMOL6cGnRwkvOLA1WusOYJZPDlXcXQI7pMnxIFnUyyvJKD3zeJet3g5xTE260Mnss6VazYUWiCaFKoZXfyOv8hP-3bzXkvWOQ2NURipggLgfKJNuhZ6zuFEssZcKvG_XSC0kGSJs-dO087jd3Vf5UvX9MemZEYNPvtIT7oTjmFVzm8KlHDjgtonwLVBrZwUcv9XwzkdTZ4TRW6MFFwMVrDnuaqjU7qSjtpprI5gnOIyOiVPox43eNef5Emg8P2OnUAD3xQ3jT0ETyeN9SFOfxNaghyl_-_HxxwiNpUSLh_V5i0YJ9kbuVAcp6AJqBqQb4c0qPDtNt9mkzBrxH54PaWC61EQ2KiQCMg7PJ0-90YKnoksCnoQrdJ5ueWcQ9iALx1eOE3xmf9fii_ge355UJJypIACptiPhWfXhsaibpyo2KMNYTtwb1dm4Tjp6xUfSnPCJ5nQy7xceIOROxCbl8D8ibi7HT7M-jng1jGssuMSUZi2UYTKxr3ubDn9AKQk_mu4iHC0VR_WZHe6h4bp9mbuN8-CWrUo47nJxvHiE7erE2NI4xeHn_pIdpHADR_AJs847cEM50WVT4h7JOO5bMcgYvKGOHjDk5sSY_km-b-qgezb0tsSQ2BljreswtJ2zBj63rHnDvvcQnP3QZQTeKmLstoPBRIbG8EY-hGqxn76MX0FEIkxqH_vvtRNi2Wovf1JiCNx3QP92w2v2CS7EQ-rzIKx4GnDm6ZaoDwGAz_3bKrP9Zj0Z51kM4KNlyS0A6VxHiZphESb-SwJ02v2pXkjcFFvj7IvBr3LM7sk_Vif2zdKcmkUmj0tc8UCpAprWSdYlIdHDK3_YoZnIFBy-0UlVXV05BTnVgEp7_Jo5uodccDrkne3tZ6gn7cwH9LGoDv-YNXokyA0ehPM4G-T3E0Q3ONYsVIjT_8ORCgA3snOGtmytCT0g6UIXn8a42E6NC19PEqhArG0MJZaNwX62fqJl2z7y12xD64-zz8i0_riYUQJR_W5rU7UD1w_wWiczPhkRfAQf4UpPtb28slIBwUlzEgLge4e8lpQ2my4fPEmabyyz1RrrBObdtY0UpwvOqUNDRW4LgNsWCDG-HmOVXmepboOi2xycq-URdYTTJlspQaUz0tGr1ctcwH6KT35tVomkVNu&pr=8%3AF348BADB679BF953&cid=CAQSGwDICaaNznCLWW3iYqh1keX1hEnQdMVlxLbniRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Farchive.md%2FIOX8Q&ds=l&xdt=0&iif=1&cor=3391862982754529000&adk=3589733384&idt=420&cac=0&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 18:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 18:00:25 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 9180 30 KB
11 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 18:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11591
x-xss-protection: 0
server: cafe
etag: 12161711247934188981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 18:00:25 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9180 41 KB
14 KB 265ms
82ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: archive.md
URL: https://archive.md/IOX8Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 160985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 23:31:37 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6CA3 281 B
554 B 224ms
73ms Document
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=no
Requested by: Host: archive.md
URL: https://archive.md/IOX8Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://archive.md/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 Oct 2023 20:14:42 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6CA3 41 KB
11 KB 74ms
74ms Script
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=no
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6a3f79e15d73b4d7196444acd307f5cf2776085feb4e0244734e6b8eaef21dcd

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:14:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Oct 2023 12:49:57 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59670
Connection: keep-alive
Content-Length: 11097
Expires: Sat, 21 Oct 2023 12:49:12 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2A40 38 KB
13 KB 84ms
82ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://archive.md/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
age: 140993
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 05:04:49 GMT
expires: Fri, 18 Oct 2024 05:04:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 6CA3 7 B
380 B 305ms
74ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: ef823186f233724f4775c0c4b9549d14
Expires: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9180 187 KB
59 KB 289ms
91ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:14:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 20:14:42 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/ Frame 5E1B 25 KB
9 KB 255ms
84ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f66e114f5764653c55515aefda250aab758bcd4ceec7b767bab089ab8cb452c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://archive.md/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 95554
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 9416
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 17:42:08 GMT
expires: Fri, 18 Oct 2024 17:42:08 GMT
last-modified: Thu, 12 Oct 2023 12:10:09 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9180 0
0 312ms
127ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstgAZ3UOjRGQv7OIMKRWxX2ZC87XVzTbkzd-1mz2TpAWzu7ZAk-oFM3lzWTRQcx6-ZNBPc-hbWyDJL47V-V5Wauw03KFkrQzmqU69s_-GMfNlOwgaLUlu2qrMLu7q3501V6L_9cOFqCyWQtia3lWoQbcceDYIrJsMtrQBsqeEHnE3NXAw_tJ2Fzi5gTJ6PHertYhA3xciLJ_r7X7s_tRyRoxwI7aJx-tyrXXs8cOybHp_tSFfMwV6widlMTw94ZrNgQtz_Xd-w0cBo1aana-OvyNCZSgqWzUQnRyfSycWNkm6s-8AOpqwltErvRz3vXt-H58hD-6icWfmzTH5JqrDgXwPIk4ybK5T_QlcwYVElodeLhSN9a-CaU3_ilQmBwxtzDrJ9w515q3a4bWhjxe5xQJOr9Uma-KAJR6VO6PKlBAV2O6Fbhzqgh4kxqbdTd6yXPLs5FRLYRMuu0L0y6Ben7cQ5ZuhYLOaiDfSBXNCDxqoGJ3PSNnrVFc-Uz0AUop6Zl9ENbIe2bCZNnXu2tlBaHYxoISvoBQOMWYDbZe3pqEbK2STFn7mUmTDruRmzOdAJFfHGTbqJw49qn8nQtLZKLqpy0qPjMTWtfTD_s6FzqpLPX3Dh-Qn-MX2Vz6rntAhEhqbNKpKjD5-lfh-H-eidM5YwvpDuwqPgNL_ram60p27Hu0bLn9ideGH4XrwCK0kRum63SQrIWvH1M9seJET-AzD1ADdIWhR4vszEDiVB9jzM-gzoy9Utikmy4xxq_tXBbHJdWry_czYrPv_XrGAN8uoWg6LYSg-y6UsSUr5P9zC3lbZ9ubO6S9wn3q3KdtQ_RLdzsXHShsrh2DiAdaaPxyRetdoR0kRbbhRZnytWehq6KmW94bv-kOtuXpGexvd4X-Qd7djIFV5oNfb7yLr93ptXzwME61GtsLdwAzBlsCLA8ZYwwN9yWQeN04sqhokxTB3Snq46F1hsR1efGioIq_8XAIdOmElIlsJh5hRqD9fHaYbQ28TFMCF_oFeFJQsA1YEdCZR2jrxcOCPsUY1U-mwCei2qKe_Ug7WllWfXdPDQOPxQoW71hjUImRSrll6KcNk_mgCa4XJQ0ypAjVTiuJWSa7d9MaUFspjVe27fexiIX2cHYx3dS8PZLOzzii23NuPnkRZxzPZLELLdPwPp7hqeBXLEk5Y8_FUyK28rdT1cVpdqxrTiB7x1kc8jk36UAIBxqxb-1XNRotTtb3HfEBa6SKmQVDetMZVPoySQTrHnCoC4_2o-ld0HV&sai=AMfl-YQjzW-H7y3X1wPSluDsc0Q0xgW4DBAURR3Q8D1Nm5h-tHIl50iloM-jxQOI7xLU8H8Wr7UbMFlWa7xDldte_VepUDOqge4hRy6Nsu6UZ3e6XIVeD083oRPDv27bmSGUiqpuHyplnbJWuUJfWT5HHgioLBrsZFAaWkxLAod9T-DYzVuE52o&sig=Cg0ArKJSzBdp-mOm5MIgEAE&uach_m=[UACH]&pr=8:F348BADB679BF953&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=398&cbvp=1&cstd=394&cisv=r20231017.20456&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: archive.md
URL: https://archive.md/IOX8Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 20 Oct 2023 20:14:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 fg1jvL24cYOsK8VxUglH5dJJKR_J-UqzKL0jjVNvNUA.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A40 37 KB
14 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fg1jvL24cYOsK8VxUglH5dJJKR_J-UqzKL0jjVNvNUA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e0d63bcbdb87183ac2bc571520947e5d249291fc9f94ab328bd238d536f3540

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 266782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14583
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:08:20 GMT

GET
H3 200 stage-01-ribbon.fe8692a0.svg
s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/ Frame 5E1B 2 KB
951 B 85ms
84ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/stage-01-ribbon.fe8692a0.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3af2cd6abb969a91bd22f59ad1af8e8db2fe724ea98f8d70a79d16b922a80cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95554
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 922
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 12:10:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 17:42:08 GMT

GET
H3 200 stage-01-text.f3a0c8db.svg
s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/ Frame 5E1B 2 KB
954 B 88ms
87ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/stage-01-text.f3a0c8db.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aaa7848aa1e29d6ee813c95505783bb2b3501817f789fd5a348f5c8273633852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95554
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 925
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 12:10:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 17:42:08 GMT

GET
H3 200 stage-02-text-top.cfe3da7a.svg
s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/ Frame 5E1B 10 KB
3 KB 92ms
91ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/stage-02-text-top.cfe3da7a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1e188386038c270061c5858b2fd22163a564c45ff51e0597bd6b726a049c9aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95554
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2573
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 12:10:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 17:42:08 GMT

GET
H3 200 stage-03-text.82053f02.svg
s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/ Frame 5E1B 6 KB
2 KB 87ms
86ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/stage-03-text.82053f02.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00ef72897f84c0ac2393cc3c4b2e8ba086d1c38f27551abb51c26c18592d590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95554
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2470
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 12:10:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 17:42:08 GMT

GET
H3 200 stage-03-ribbon.451468d5.svg
s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/ Frame 5E1B 2 KB
938 B 96ms
95ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/stage-03-ribbon.451468d5.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ded98279d877323d92ffdfedfffd4bc58ce9aec05df057d513dcc39a6b9d4609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95554
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 909
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 12:10:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 17:42:08 GMT

GET
H3 200 stage-03-cta.cb8a4948.svg
s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/ Frame 5E1B 3 KB
1 KB 98ms
97ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/stage-03-cta.cb8a4948.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

583c4d986e5e3f6b75ba2b79456eb6770b9744aaf18d6db4598c06db86902b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95554
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1474
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 12:10:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 17:42:08 GMT

GET
H2 206 160-x-600.mp4
olma.ams3.digitaloceanspaces.com/banner/2023/main/ Frame 5E1B 1 MB
1 MB 319ms
155ms Media
video/mp4 5.101.110.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://olma.ams3.digitaloceanspaces.com/banner/2023/main/160-x-600.mp4

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10284416943050390580/160-x-600-wettbewerb-2/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.110.225 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

ams3.digitaloceanspaces.com

Software

Resource Hash

752ed50eb5ed02e9e4ce70b7add36d6308428ed1c0a4ee2f234299936785dd7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://s0.2mdn.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 20 Oct 2023 20:14:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Mon, 14 Aug 2023 05:55:01 GMT
x-amz-request-id: tx00000eead6bfdbc67b6bb-006532dfb3-471ae04c-ams3c
etag: "227d5647685db8fece8091571b3626d4"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: video/mp4
Content-Range: bytes 0-1505225/1505226
x-rgw-object-type: Normal
accept-ranges: bytes
Content-Length: 1505226
expires: Mon, 01 Jan 0001 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A40 0
20 B 122ms
122ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B00Ywst8yZdDwAfHL7_UPrpq_2AIAAAAAOAHgBAI&bg=!qaqlquXNAAY5nEQaGZw7ADQBe5WfODRkyrWwsX8-xwSq5ucpoO-JW1OdgNgEG9P60ayRU_Wex6fqgfTYT14FNlhaQmcBAgAAALFSAAAABWgBB5kCzzXT-ueMZUzmLEhSW_iEp6Xw-fJCrQwZxTQjEE2EFUWVMzJsK47KzN0qJqnh7BQ1tbY-ZeNOT3daL7_QKeRWpt3bzP-wPtwlb7Rf7i1-1c0sL20MFSsMlWMHaeO-wbDuC_iGePMoHGe-9ZVk8SB61yVfM4yfi1f_rSmSTAEA4ku5kyppKn8lIZbNaGfrAYgJLwxCd_IsxOcsQ-woXzIIU6PNLenCUEjYXzl2yB62Kg2b2FrIbxGrLKzy2noKVzzwTb4Y6EPkdAe4Mo5lCrGz1BqPw8v6fqqjkwX_83xFr-ntpVeNFUKpmmDtyNZEToyoGUsZuFxgwI_hW1hRSfeU4vxPY02O_AbwWQ88Xs9odAyFPbEba5-dncmQptYqWvYI6xt-LoWrp1WmCcWmB2qsDpoALPAbtAsIyjxUfveNUyFlDF5ia1bGp5ZfDBCA9ApLU7ZxPbrSY3W8ZjEZLAU8iG2IdJ2e6E998NQBO81tETpJlOKZWld1-6rMbiJ4s1_aNsade0SFr0hTl3yN2TigRgRQ_r0Hup5_0It0oGJupH7li2gFyJKDaxYEvUe_vqPvUfqOLp-LhPxr8Arg4q7RjNIfOQH2C_pGWi4VZmrezVcfqVUhC1RFfZoD3kA1yFxf64P20zufGXqXzw0E2pReB3hv7kaGR7lKlDAycEsxjPYfl7XTUjonKjiuegzUlysSvTT1At3_W29miMoQLGQ8Y366uTMDLkqdgXIYGEd3jeEmg5L6aaaF-7AiUK_Qan8WA8TQTWCx-Ms7DWyQfah-YvBKPNb1CC2EN5jdduKqn4FRVxzkTshWJ0ddhXWjBwUGorRCSlKGXJpWkcZbBZ2-9p_xLqtZrjZVztRlvtlQQS_ZxRpuBLTBX2nYRB5Btdg8d6nOvy1ZY65Lvdtra-Ym4B0q7rVx0ZlmvGKgI-7qMjxhesBRu28xuIZOvQ24cABJ

Requested by

Host: archive.md
URL: https://archive.md/IOX8Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 20:14:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9180 0
0 118ms
118ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstgAZ3UOjRGQv7OIMKRWxX2ZC87XVzTbkzd-1mz2TpAWzu7ZAk-oFM3lzWTRQcx6-ZNBPc-hbWyDJL47V-V5Wauw03KFkrQzmqU69s_-GMfNlOwgaLUlu2qrMLu7q3501V6L_9cOFqCyWQtia3lWoQbcceDYIrJsMtrQBsqeEHnE3NXAw_tJ2Fzi5gTJ6PHertYhA3xciLJ_r7X7s_tRyRoxwI7aJx-tyrXXs8cOybHp_tSFfMwV6widlMTw94ZrNgQtz_Xd-w0cBo1aana-OvyNCZSgqWzUQnRyfSycWNkm6s-8AOpqwltErvRz3vXt-H58hD-6icWfmzTH5JqrDgXwPIk4ybK5T_QlcwYVElodeLhSN9a-CaU3_ilQmBwxtzDrJ9w515q3a4bWhjxe5xQJOr9Uma-KAJR6VO6PKlBAV2O6Fbhzqgh4kxqbdTd6yXPLs5FRLYRMuu0L0y6Ben7cQ5ZuhYLOaiDfSBXNCDxqoGJ3PSNnrVFc-Uz0AUop6Zl9ENbIe2bCZNnXu2tlBaHYxoISvoBQOMWYDbZe3pqEbK2STFn7mUmTDruRmzOdAJFfHGTbqJw49qn8nQtLZKLqpy0qPjMTWtfTD_s6FzqpLPX3Dh-Qn-MX2Vz6rntAhEhqbNKpKjD5-lfh-H-eidM5YwvpDuwqPgNL_ram60p27Hu0bLn9ideGH4XrwCK0kRum63SQrIWvH1M9seJET-AzD1ADdIWhR4vszEDiVB9jzM-gzoy9Utikmy4xxq_tXBbHJdWry_czYrPv_XrGAN8uoWg6LYSg-y6UsSUr5P9zC3lbZ9ubO6S9wn3q3KdtQ_RLdzsXHShsrh2DiAdaaPxyRetdoR0kRbbhRZnytWehq6KmW94bv-kOtuXpGexvd4X-Qd7djIFV5oNfb7yLr93ptXzwME61GtsLdwAzBlsCLA8ZYwwN9yWQeN04sqhokxTB3Snq46F1hsR1efGioIq_8XAIdOmElIlsJh5hRqD9fHaYbQ28TFMCF_oFeFJQsA1YEdCZR2jrxcOCPsUY1U-mwCei2qKe_Ug7WllWfXdPDQOPxQoW71hjUImRSrll6KcNk_mgCa4XJQ0ypAjVTiuJWSa7d9MaUFspjVe27fexiIX2cHYx3dS8PZLOzzii23NuPnkRZxzPZLELLdPwPp7hqeBXLEk5Y8_FUyK28rdT1cVpdqxrTiB7x1kc8jk36UAIBxqxb-1XNRotTtb3HfEBa6SKmQVDetMZVPoySQTrHnCoC4_2o-ld0HV&sai=AMfl-YQjzW-H7y3X1wPSluDsc0Q0xgW4DBAURR3Q8D1Nm5h-tHIl50iloM-jxQOI7xLU8H8Wr7UbMFlWa7xDldte_VepUDOqge4hRy6Nsu6UZ3e6XIVeD083oRPDv27bmSGUiqpuHyplnbJWuUJfWT5HHgioLBrsZFAaWkxLAod9T-DYzVuE52o&sig=Cg0ArKJSzBdp-mOm5MIgEAE&uach_m=[UACH]&pr=8:F348BADB679BF953&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1167&vt=11&dtpt=769&dett=3&cstd=394&cisv=r20231017.20456&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: archive.md
URL: https://archive.md/IOX8Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:14:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9180 42 B
64 B 287ms
120ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfR3-MbyuOL4XAIidp6JFM8L6oQE-vOSe7ISpf0Cm_7UeGi4mZh2lFRQpclGKY44FlpuT6vJC9or3AjuvVWHkSbzrWaRHB-8a9zpFEnsrmJyH3oeUD6o_GTYLu&sig=Cg0ArKJSzIXsYo1qlJOYEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231018&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=3589733384&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697832881513&rpt=1595&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 20:14:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9180 0
20 B 119ms
119ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9181896945700&version=m202309260101&ct=119&x=8&cor=3391862982754529000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://archive.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 20:14:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
411 B 224ms
73ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid800.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

f245f9d9c17e0940eaf8fa3a36d05187bcff3e1576eb5b11047f0ba3dcc39e36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://archive.md/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://archive.md
date: Fri, 20 Oct 2023 20:14:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
270 B 223ms
74ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid800.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

f67869d5cf015a3efa57d61a31897d1d5a8edfcdc7c42dd11286b800d9a8c924

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://archive.md/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://archive.md
date: Fri, 20 Oct 2023 20:14:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 301.json Show response
id5-sync.com/g/v2/ 276 B
552 B 223ms
74ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/301.json

Requested by

Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid800.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

82193511019a334363c4002327127d40e2b9429816cfcf265a38abe903af5710

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://archive.md/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://archive.md
date: Fri, 20 Oct 2023 20:14:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 178.255.148.170.no.stw1.355655810.pixel.archive.md
URL: https://178.255.148.170.no.stw1.355655810.pixel.archive.md/x.gif

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1259

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
archive.md/	1970-01-20 15:37:20	Name: _ga Value: GA1.2.661111166.1697832880
.archive.md/	1970-01-20 23:36:44	Name: tmr_lvid Value: 296530a96babd39f5f4634baf8a45fcc
.archive.md/	1970-01-20 23:36:44	Name: tmr_lvidTS Value: 1697832881018
archive.md/	1970-01-20 16:20:24	Name: _pbjs_userid_consent_data Value: 3524755945110770
.mail.ru/	1970-01-21 00:24:15	Name: VID Value: 3HgsiG0cmkIK00000y1uT4YK:::0-0-0-a4d3871-0:CAASEMHWTobMdIBCJ905NV_Lb2waYFP_TyVxEUJIz8zyCT1OigdQNASXjN0OPsqKxpYGAMSx0ENuA0E6Pu3aIj0Rp9JSk5Wdj_EKjRn5OIwVihXrRPGIJ5uTIu1PXczCmsS1iRnWTKOEJ84KZT8EeqsnmDzPzw
.rubiconproject.com/	1970-01-21 00:22:48	Name: khaos Value: LNZ1UZJ4-1G-ISEC
.rubiconproject.com/	1970-01-21 00:22:48	Name: audit Value: 1\|naVuGyos1qrHF7N8hpSccAH/zg6eyGA5WYtpZlqiAnyRSoL65ECe1WEOj7TPip1ykbOFimsiNTp94D3ku/Kjg4ZSnAeuv8EPIZE5xoQF+eG+xUA9sgf/4dzpQ7vzkXQ/
.script.ac/	1970-01-20 15:37:14	Name: __cf_bm Value: K7ufwAFhUmEzEa.volySphbtC.TUl.LxDNaNgSeirbQ-1697832881-0-AW2PAotr4FvmSFX5Zbn7NedUXgYVrKzlkIgeVexkhC4oqXb0SuuYxRHBpNiu8FkkjCq6jLz08lGMjWvdVegoK4Q=
.doubleclick.net/	1970-01-21 01:13:12	Name: IDE Value: AHWqTUkxus-_dTwfjCMZHhuFGxzk4GDljdB0t9Ia_i1c2i2_agpbRuTNnp3GjB6jYFs
.doubleclick.net/	1970-01-20 19:56:24	Name: APC Value: AfxxVi5OieQntrMZWu6P-1-p55YbN5BLSztJjLfiy3D1OdTXIZfZow
archive.md/	1970-01-20 15:38:39	Name: tmr_detect Value: 0%7C1697832883355
archive.md/	1970-01-20 15:37:16	Name: _lr_retry_request Value: true
archive.md/	1970-01-20 16:20:24	Name: _lr_env_src_ats Value: false

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://178.255.148.170.no.stw1.355655810.pixel.archive.md/x.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	URL: https://archive.md/IOX8Q(Line 392) Message: Mixed Content: The page at 'https://archive.md/IOX8Q' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://packdecp.ezyro.com/wp-comments-post.php'. This endpoint should be made available over a secure connection.
javascript	error	URL: https://archive.md/IOX8Q Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1259' from origin 'https://archive.md' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1259 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

178.255.148.170.no.stw1.355655810.pixel.archive.md
a.publir.com
analytics.publir.com
api.rlcdn.com
archive.md
beacon-ams3.rubiconproject.com
bid.glass
cadmus.script.ac
eus.rubiconproject.com
fastlane.rubiconproject.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
id5-sync.com
lb.eu-1-id5-sync.com
mp.4dex.io
olma.ams3.digitaloceanspaces.com
pagead2.googlesyndication.com
prebid.media.net
s0.2mdn.net
script.4dex.io
token.rubiconproject.com
top-fwz1.mail.ru
tpc.googlesyndication.com
www.googletagservices.com
178.255.148.170.no.stw1.355655810.pixel.archive.md
api.rlcdn.com
141.95.33.111
142.250.184.194
162.19.138.83
185.101.35.175
185.64.189.112
23.218.210.30
2602:803:c003:200::37
2602:803:c003:200::41
2606:4700:20::ac43:4bf1
2606:4700::6812:1691
2606:4700::6812:372
2606:4700:e0::ac40:6621
2a00:1450:4001:806::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:827::2001
2a00:1450:4001:829::2006
34.120.63.153
34.95.69.49
37.252.173.215
5.101.110.225
64.20.35.44
69.173.144.165
95.163.52.67
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18b6c93a1c96a4604490c8c487e6592c6eaa37d4018ec6cbfc51a621202ded33
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2a60168ae93a37009c445f0fcc0cb151b09a2fe8e292f584e7ed740446aea16c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44ad17dd9f7575456243736c32b3c59a8c5373aba00473c81c701582e9ccea20
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
487b5488b23125ce4f63c52d2d9728daa38a917649f5b229f5fa1fa6213005a1
49633c21c7f51360b3d278ddc28acb5047b59206b27819ebe104bdd9586bfc7f
583c4d986e5e3f6b75ba2b79456eb6770b9744aaf18d6db4598c06db86902b94
6a3f79e15d73b4d7196444acd307f5cf2776085feb4e0244734e6b8eaef21dcd
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
752ed50eb5ed02e9e4ce70b7add36d6308428ed1c0a4ee2f234299936785dd7e
764bfe5116da1549590d2af0922fc54cda1adc27f8a02334fabae423bc73c5cc
7919cab2af4b4dbd8da86564b0f9619e0a4f054fa28882ae6004129b50018eaa
7e0d63bcbdb87183ac2bc571520947e5d249291fc9f94ab328bd238d536f3540
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82193511019a334363c4002327127d40e2b9429816cfcf265a38abe903af5710
8591deeed80ff2f6b240bd53ae0186fb91f99227172ce770627185f23c155273
8a6e2e1a46bbe902b36f211667e4fbb3d6510acfb685cca251f03d57c90999d0
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771
a0bcda4d3e86c2bca85fc89dd3990e7f3b2272f0e20e7e03d60384a4c4103145
a3af2cd6abb969a91bd22f59ad1af8e8db2fe724ea98f8d70a79d16b922a80cc
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
aaa7848aa1e29d6ee813c95505783bb2b3501817f789fd5a348f5c8273633852
ad328779b4901492786c9b6ec84f7185a046f43bb5bda9a09eace1d8b6579d5e
afb7cbbcc5527f3174605e97940c1dcbd8b759835a37289434c805f1630abdfc
b00ef72897f84c0ac2393cc3c4b2e8ba086d1c38f27551abb51c26c18592d590
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e188386038c270061c5858b2fd22163a564c45ff51e0597bd6b726a049c9aa
b76fee2711a5ad963ea92ffda8f30870fe9ad7d544d5eaf55ba6a43a2d5d32f3
bb5f312a692fa6046d296d28ca827e8ce219ba3fdd4872a1842c138de4aeeef3
c2a94509174daff37a929726fdd004a17605208d10977932b10bfd2bfdd12c14
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
ded98279d877323d92ffdfedfffd4bc58ce9aec05df057d513dcc39a6b9d4609
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8784cf600efa5162eecb46132810cb58c14dab82fd4bfdfcfca7d0c7d7feea9
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f245f9d9c17e0940eaf8fa3a36d05187bcff3e1576eb5b11047f0ba3dcc39e36
f54b65e5ef7387b69c8643b7cfda86eb03233e32b5c4ea8dae28aa6775acde34
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d
f66e114f5764653c55515aefda250aab758bcd4ceec7b767bab089ab8cb452c0
f67869d5cf015a3efa57d61a31897d1d5a8edfcdc7c42dd11286b800d9a8c924

archive.md Open in urlscan Pro 185.101.35.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

96 %HTTPS

46 %IPv6

19 Domains

27 Subdomains

25 IPs

6 Countries

2028 kBTransfer

3302 kBSize

13 Cookies

2 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

archive.md Open in urlscan Pro
185.101.35.175 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

96 %
HTTPS

46 %
IPv6

19
Domains

27
Subdomains

25
IPs

6
Countries

2028 kB
Transfer

3302 kB
Size

13
Cookies

56 HTTP transactions
6 data transactions