mir23.online Open in urlscan Pro
87.236.16.150 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://mir23.online/
Submission: On February 07 via manual (February 7th 2023, 6:26:08 am UTC) from PK — Scanned from DE

Summary HTTP 195 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 22 IPs in 7 countries across 21 domains to perform 195 HTTP transactions. The main IP is 87.236.16.150, located in Russian Federation and belongs to BEGET-AS, RU. The main domain is mir23.online.

This is the only time mir23.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	87.236.16.150 87.236.16.150	198610 (BEGET-AS) (BEGET-AS)
9	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
45	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2 3	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
6 6	23.203.125.189 23.203.125.189	16625 (AKAMAI-AS) (AKAMAI-AS)
17	142.251.208.162 142.251.208.162	15169 (GOOGLE) (GOOGLE)
3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.157.212.215 35.157.212.215	16509 (AMAZON-02) (AMAZON-02)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:e1bd:7041:688d:fd77	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4005:81d::2003	15169 (GOOGLE) (GOOGLE)
195	22

34 87.236.16.150 (Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.quake1.beget.com

mir23.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.203.125.189 (Vienna, Austria) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-189.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.251.208.162 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.154.237 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.212.215 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-212-215.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:e1bd:7041:688d:fd77 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4005:81d::2003 (Central, Hong Kong)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	701 KB
35	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190	274 KB
34	mir23.online mir23.online	1 MB
24	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	323 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	7 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	385 KB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	1 KB
6	addthis.com 6 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1925	4 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 416	3 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 733	2 KB
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1634	550 B
3	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 632	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 308	962 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8741	696 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1854	297 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 661	803 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 596	98 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 858	602 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	43 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
195	21

	Domain	Requested by
45	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
34	mir23.online	mir23.online
21	pagead2.googlesyndication.com	mir23.online pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
17	cm.g.doubleclick.net	mir23.online googleads.g.doubleclick.net
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net mir23.online
13	fonts.gstatic.com	fonts.googleapis.com
10	www.gstatic.com	googleads.g.doubleclick.net
9	fonts.googleapis.com	mir23.online googleads.g.doubleclick.net
8	www.googletagservices.com	googleads.g.doubleclick.net
6	e.dlx.addthis.com	6 redirects
5	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	ssum-sec.casalemedia.com	4 redirects
4	image6.pubmatic.com	4 redirects
3	rtb.openx.net	googleads.g.doubleclick.net
3	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
2	pixel.rubiconproject.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	mir23.online
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
195	27

This site contains links to these domains. Also see Links.

Domain
wordpress.org
themezhut.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
mir23.online R3	`2023-01-30` - `2023-04-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 26 frames:

Primary Page: http://mir23.online/
Frame ID: 6D6E741D735B85DECB628B8914F93C08
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20190131/zrt_lookup.html
Frame ID: 9EEE10DB6D81F3FA0416B801F6D7EEE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&adk=1812271804&adf=3025194257&lmt=1675751161&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=http%3A%2F%2Fmir23.online%2F&ea=0&pra=5&wgl=1&dt=1675751161387&bpp=14&bdt=698&idt=250&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6432416050169&frm=20&pv=2&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=291
Frame ID: F40DA820CF58EA88EC2F57BF61B8F0D5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675751161&rafmt=1&to=qs&pwprc=8715166976&format=1200x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751161401&bpp=3&bdt=713&idt=281&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FbCczL4jnd&p=http%3A//mir23.online&dtd=289
Frame ID: 30B133C5B020CC0A0158E2CC5E75B375
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=1187716240&adf=2068404441&pi=t.aa~a.3415888743~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1865&idt=-M&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1017&ady=1622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dMDJfb7fp9&p=http%3A//mir23.online&dtd=11
Frame ID: C0806E13A67638946888475540E65758
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=4065382214&pi=t.aa~a.1377294678~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=-M&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280&nras=4&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=1964&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Lw6zUQZ284&p=http%3A//mir23.online&dtd=23
Frame ID: 95A9B3A6131E2F31948968F41FD618F5
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35
Frame ID: 76C4104B04B4BA246841DC92E43CBCC0
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1
Frame ID: 273EF3D374E4A5DD8576534E744260B9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1
Frame ID: AFF9BAF1DCC09477788A00CD2C0BDCA9
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6BE7D18949A268CBC6A781AAAE80CEEA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1
Frame ID: 189C8BB04CF66DF6591B3543DEE58CC9
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: C6311FA4F2296CA8E0A27055886E69A2
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 586ED17B17823C6A5FCB34FE2DF3EE8D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2B7570E050289BB977CEC944F7FAEA54
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: 1BF293D266F16EFA01DD919046139B80
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: 0236FD37B130F02283BA228161050697
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: 325F2E278F38FB38C25361D79E7F09B6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: 6F9468450F9B410A3F43D3997DEB029C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 24E135A80994500F2B753CEAA355464E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: B8875628BAA8FEED245248C2A893E7D1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1102D3ADFC3673D83983E91FD85F7015
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: AEE0ED3495EED4417390913048B1E0FA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0ADBB83458A8E5287222431BB79DE644
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: C9206F388D1E86C4B2762DA8E6FD2B33
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1FA8DFB3740FA47D7DA1AE84D728602F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D4C4215B8E9481BA893F3994E3259706
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DOG – LOVERS

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

195
Requests

83 %
HTTPS

65 %
IPv6

21
Domains

27
Subdomains

22
IPs

7
Countries

2940 kB
Transfer

6120 kB
Size

27
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: http://themezhut.com/themes/awaken
Title: ThemezHut

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 121

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 130

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx_ECvWlb_X65P-2LAKBj5tHCR0rXREjuIGa068945dJ0SPprbShPXvD-mOd7v5YGbQGmHSKd0Zu96_7KVB62pYfCuGOUsxu4giD0MpNNaBEPKuQ05EYnJBZVhEekAg3IgQKxNg8FmPr&google_gid=CAESELkCnPfHZhvilZus1EDWGaM&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx_ECvWlb_X65P-2LAKBj5tHCR0rXREjuIGa068945dJ0SPprbShPXvD-mOd7v5YGbQGmHSKd0Zu96_7KVB62pYfCuGOUsxu4giD0MpNNaBEPKuQ05EYnJBZVhEekAg3IgQKxNg8FmPr&google_gid=CAESELkCnPfHZhvilZus1EDWGaM&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMDcwNjI2MDQwMDA4MzIwNzExNTE0Ng%3D%3D&google_push=Aa02lx_ECvWlb_X65P-2LAKBj5tHCR0rXREjuIGa068945dJ0SPprbShPXvD-mOd7v5YGbQGmHSKd0Zu96_7KVB62pYfCuGOUsxu4giD0MpNNaBEPKuQ05EYnJBZVhEekAg3IgQKxNg8FmPr

Request Chain 132

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENXWXQRb0YP7uBh-_C0DWKM&google_cver=1&google_push=Aa02lx_bbOdxmPGqSt_asaHYCZn40_9QMNTmh7x41RjWMZqlvylMe5r4ZFGzR2aJKOqYs4dh8y2lvgzv7NucaRYrBjh6srgqn6wEs4BDJP0i8VTa3XiNuMmv4h_hV2N2UG0IUL4_JY6reUTa HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENXWXQRb0YP7uBh-_C0DWKM&google_cver=1&google_push=Aa02lx_bbOdxmPGqSt_asaHYCZn40_9QMNTmh7x41RjWMZqlvylMe5r4ZFGzR2aJKOqYs4dh8y2lvgzv7NucaRYrBjh6srgqn6wEs4BDJP0i8VTa3XiNuMmv4h_hV2N2UG0IUL4_JY6reUTa&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dtamjavnSvy-PU_ooC5Muw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_bbOdxmPGqSt_asaHYCZn40_9QMNTmh7x41RjWMZqlvylMe5r4ZFGzR2aJKOqYs4dh8y2lvgzv7NucaRYrBjh6srgqn6wEs4BDJP0i8VTa3XiNuMmv4h_hV2N2UG0IUL4_JY6reUTa

Request Chain 133

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_cver=1&google_push=Aa02lx-KobqL3VwDMWYNCC6URbISNw0nIE3hqfkQOt6Jn37kbAXBVIAxYVlsRDZNYkNq4f6b-IeyWIDUQyjTDfZJMEYWlCgF4VuyOxWpmLZmE1ZbqjdxEiCOVBqCrJRfy6CrjNkMIJJQR58e HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_push=Aa02lx-KobqL3VwDMWYNCC6URbISNw0nIE3hqfkQOt6Jn37kbAXBVIAxYVlsRDZNYkNq4f6b-IeyWIDUQyjTDfZJMEYWlCgF4VuyOxWpmLZmE1ZbqjdxEiCOVBqCrJRfy6CrjNkMIJJQR58e&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_hm=Y-Hu--n9MJAiDOd087MvRgAABIYAAAIB&google_nid=index&google_push=Aa02lx-KobqL3VwDMWYNCC6URbISNw0nIE3hqfkQOt6Jn37kbAXBVIAxYVlsRDZNYkNq4f6b-IeyWIDUQyjTDfZJMEYWlCgF4VuyOxWpmLZmE1ZbqjdxEiCOVBqCrJRfy6CrjNkMIJJQR58e

Request Chain 155

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN-wk0YKe6GSmBMctY8xgHQ&google_cver=1&google_push=Aa02lx8CQxnSp7G3l5BOlUO6uorjPJMzQo48-LpzA4qFmOv9tGyK3WhVbSfVOrMFRYh_siUfbb9Sowd4EERIsehEM08x7rJz3ALXWffZg3BTZpgiRgCOIndGcOJV13r15Fr0Rdx43AyBQyTR HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8CQxnSp7G3l5BOlUO6uorjPJMzQo48-LpzA4qFmOv9tGyK3WhVbSfVOrMFRYh_siUfbb9Sowd4EERIsehEM08x7rJz3ALXWffZg3BTZpgiRgCOIndGcOJV13r15Fr0Rdx43AyBQyTR&google_hm=XPBAAaL6aM76sSfC2sm2Dg

Request Chain 156

https://d.agkn.com/pixel/2175/?google_gid=CAESECPEBDa8DGHZR_Nv-1yO4lA&google_cver=1&google_push=Aa02lx89QCSchPU0XaMe0R1MISCWcA9swTuTHHYtamFAXvQQL6EvFwaVjO_WQJPS03Bxc95ElqYnIPLvM9fCDyyzfYZjjOLTF5EqXHfKiK-uVLtYQK2l7Gjpwt9iUcVYetz058UI2GgB8yVZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx89QCSchPU0XaMe0R1MISCWcA9swTuTHHYtamFAXvQQL6EvFwaVjO_WQJPS03Bxc95ElqYnIPLvM9fCDyyzfYZjjOLTF5EqXHfKiK-uVLtYQK2l7Gjpwt9iUcVYetz058UI2GgB8yVZ&google_hm=Q0FFU0VDUEVCRGE4REdIWlJfTnYtMXlPNGxB

Request Chain 157

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx-CzD6V-4TH8IMAvuDFrTbl1YAghPXd8p2BhFrRBWvmgpgAfWxH47UWDy9Bayk1IojJdoV2rgedb_mjNPjDdUntyPC-TxHqsYuXF0kErY7gNGM0w3A63DQIX6OzdjG9nzEKCyDYvdR6&google_gid=CAESELkCnPfHZhvilZus1EDWGaM&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx-CzD6V-4TH8IMAvuDFrTbl1YAghPXd8p2BhFrRBWvmgpgAfWxH47UWDy9Bayk1IojJdoV2rgedb_mjNPjDdUntyPC-TxHqsYuXF0kErY7gNGM0w3A63DQIX6OzdjG9nzEKCyDYvdR6&google_gid=CAESELkCnPfHZhvilZus1EDWGaM&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMDcwNjI2MDQwMDAxMjc5MDgyMDg4NQ%3D%3D&google_push=Aa02lx-CzD6V-4TH8IMAvuDFrTbl1YAghPXd8p2BhFrRBWvmgpgAfWxH47UWDy9Bayk1IojJdoV2rgedb_mjNPjDdUntyPC-TxHqsYuXF0kErY7gNGM0w3A63DQIX6OzdjG9nzEKCyDYvdR6

Request Chain 159

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENXWXQRb0YP7uBh-_C0DWKM&google_cver=1&google_push=Aa02lx-Jac45p-XdXiTi-kPUN7t30u5_3wycAXAuhziMjgry6tv0GgWmCQnH4TrondgFr6YmHdz-L0C8EhU5H_tC8YdGgqQL76STLs3jdJmlzi0a4CUkVS_1UYQrJE55fHRuESxlgCWiGjhf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bieg6N-ORD6YL8aO59E3LQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-Jac45p-XdXiTi-kPUN7t30u5_3wycAXAuhziMjgry6tv0GgWmCQnH4TrondgFr6YmHdz-L0C8EhU5H_tC8YdGgqQL76STLs3jdJmlzi0a4CUkVS_1UYQrJE55fHRuESxlgCWiGjhf

Request Chain 160

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECxhkEBJAXcbxWd3KkMbZgg&google_cver=1&google_push=Aa02lx97PgSD4sbAuyFudHauus7J_IlBPqttCHcBp0UyRki7rmhwTRGSkd_ULpOPR69v3dFGWEl_qsmMlwaiVSK8S7VKC_7S_W1auwuXnoFf0W9n3B17Ee3iz6phy4xsN__xgPNLMkJA2uPk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERUVVo1QjAtRi00NTU2&google_push=Aa02lx97PgSD4sbAuyFudHauus7J_IlBPqttCHcBp0UyRki7rmhwTRGSkd_ULpOPR69v3dFGWEl_qsmMlwaiVSK8S7VKC_7S_W1auwuXnoFf0W9n3B17Ee3iz6phy4xsN__xgPNLMkJA2uPk

Request Chain 161

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_cver=1&google_push=Aa02lx93gsEommvPgASwnoHqEuQZY6j5Eg6ajJq8r0XNyFyjb8_ez1O2zwSusnw_CAv8qP7guESvZ5D0V9Yy8B654pwc8YGZK_a3VDzmhqCZxVshYaPlThizkGZp6upMOrUJkAscT98G3SMg HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_hm=Y-Hu--n9MJAiDOd087MvRgAABIYAAAIB&google_nid=index&google_push=Aa02lx93gsEommvPgASwnoHqEuQZY6j5Eg6ajJq8r0XNyFyjb8_ez1O2zwSusnw_CAv8qP7guESvZ5D0V9Yy8B654pwc8YGZK_a3VDzmhqCZxVshYaPlThizkGZp6upMOrUJkAscT98G3SMg

Request Chain 179

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN-wk0YKe6GSmBMctY8xgHQ&google_cver=1&google_push=Aa02lx8lHA1kMLPe8z4vO33wGz8hzLEhjiRfoDLKE3uCtLn3lv4wyJkByv4_LMNDCGYDM8hGfBA2-NpnJiy53I39loPjIoQBGi_x HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8lHA1kMLPe8z4vO33wGz8hzLEhjiRfoDLKE3uCtLn3lv4wyJkByv4_LMNDCGYDM8hGfBA2-NpnJiy53I39loPjIoQBGi_x&google_hm=XPBAAaL6aM76sSfC2sm2Dg

Request Chain 180

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx8Fdzia-ePnjBDEAzN56xnzKG5utWBGQUXGRuXO2cvhYgNNoTZxQrHeEE0kLdu5-gtAfe1BE53ukDTxc1VkrrwrAAqaLETx&google_gid=CAESELkCnPfHZhvilZus1EDWGaM&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx8Fdzia-ePnjBDEAzN56xnzKG5utWBGQUXGRuXO2cvhYgNNoTZxQrHeEE0kLdu5-gtAfe1BE53ukDTxc1VkrrwrAAqaLETx&google_gid=CAESELkCnPfHZhvilZus1EDWGaM&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMDcwNjI2MDQwMDA3NTQxMTczODA0Nw%3D%3D&google_push=Aa02lx8Fdzia-ePnjBDEAzN56xnzKG5utWBGQUXGRuXO2cvhYgNNoTZxQrHeEE0kLdu5-gtAfe1BE53ukDTxc1VkrrwrAAqaLETx

Request Chain 182

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENXWXQRb0YP7uBh-_C0DWKM&google_cver=1&google_push=Aa02lx-XXbodtxqZs1EOuGJH4c_5fZiT9AdpH-u6z-N4pV3C66QauyDFtlAwn4Urh36wXvoH_ak14uY5lPFb5bFOBf4fGAOY4Rw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bieg6N-ORD6YL8aO59E3LQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-XXbodtxqZs1EOuGJH4c_5fZiT9AdpH-u6z-N4pV3C66QauyDFtlAwn4Urh36wXvoH_ak14uY5lPFb5bFOBf4fGAOY4Rw

Request Chain 183

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECxhkEBJAXcbxWd3KkMbZgg&google_cver=1&google_push=Aa02lx-A43D4CnzwRaxrTg92OEyMCmIQj38sCme98FJKkMVlIFM12D2bxFRMFbeeL0FkesSpB1-VJyZJ89la7CClhnVrrBU6U5Ex HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERUVVo1Q0otMVktRENKTg==&google_push=Aa02lx-A43D4CnzwRaxrTg92OEyMCmIQj38sCme98FJKkMVlIFM12D2bxFRMFbeeL0FkesSpB1-VJyZJ89la7CClhnVrrBU6U5Ex

Request Chain 184

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_cver=1&google_push=Aa02lx9vFsuIOmGsh8DttjVdw31NOau_mA-l1itBTvz5pNEWSxXB-sAHbF9wPRaYl8p3HMAF8zsbUpQ3R54k-cL-vC6PLv-MED9X HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_hm=Y-Hu--n9MJAiDOd087MvRgAABIYAAAIB&google_nid=index&google_push=Aa02lx9vFsuIOmGsh8DttjVdw31NOau_mA-l1itBTvz5pNEWSxXB-sAHbF9wPRaYl8p3HMAF8zsbUpQ3R54k-cL-vC6PLv-MED9X

195 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mir23.online/ 62 KB
10 KB 1217ms
875ms Document
text/html 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mir23.online/
Protocol: HTTP/1.1
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 / PHP/7.4.33
Resource Hash: d9a1123e473aa0db0fb8f53966c9b9698e54c586a136c34bea757516e4d0865a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Feb 2023 06:26:00 GMT
Keep-Alive: timeout=30
Link: <https://mir23.online/wp-json/>; rel="https://api.w.org/"
Server: nginx-reuseport/1.21.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-LiteSpeed-Tag: 8a4_HTTP.200,8a4_PGSRP
X-Powered-By: PHP/7.4.33

GET
H/1.1 200
OK style.min.css
mir23.online/wp-includes/css/dist/block-library/ 93 KB
13 KB 94ms
94ms Stylesheet
text/css 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mir23.online/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: HTTP/1.1
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 06:26:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Nov 2022 08:31:49 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"63749ff5-172a9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 14 Feb 2023 06:26:00 GMT

GET
H/1.1 200
OK classic-themes.min.css
mir23.online/wp-includes/css/ 217 B
575 B 442ms
440ms Stylesheet
text/css 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mir23.online/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: HTTP/1.1
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 06:26:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Nov 2022 07:33:23 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"63621d43-d9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 14 Feb 2023 06:26:00 GMT

GET
H/1.1 200
OK dashicons.min.css
mir23.online/wp-includes/css/ 58 KB
35 KB 179ms
91ms Stylesheet
text/css 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mir23.online/wp-includes/css/dashicons.min.css?ver=6.1.1
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: HTTP/1.1
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 06:26:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Jul 2021 12:19:51 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6103ee67-e688"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 14 Feb 2023 06:26:00 GMT

GET
H/1.1 200
OK frontend.css
mir23.online/wp-content/plugins/post-views-counter/css/ 289 B
588 B 179ms
89ms Stylesheet
text/css 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mir23.online/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.4
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: HTTP/1.1
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 06:26:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Jul 2021 12:33:26 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6103f196-121"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 14 Feb 2023 06:26:00 GMT

GET
H/1.1 200
OK font-awesome.min.css
mir23.online/wp-content/themes/awaken/css/ 26 KB
6 KB 181ms
91ms Stylesheet
text/css 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mir23.online/wp-content/themes/awaken/css/font-awesome.min.css?ver=4.4.0
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: HTTP/1.1
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 06:26:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Aug 2022 14:16:42 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"62e931ca-6857"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 14 Feb 2023 06:26:00 GMT

GET
H/1.1 200
OK bootstrap.min.css
mir23.online/wp-content/themes/awaken/css/ 107 KB
18 KB 186ms
94ms Stylesheet
text/css 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mir23.online/wp-content/themes/awaken/css/bootstrap.min.css?ver=all
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: HTTP/1.1
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 79d81675fa8c91f4dc20d2b7e4062979e0255efee595ff0e35bc1c82d8031779

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 06:26:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Aug 2022 14:16:42 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"62e931ca-1ab9c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 14 Feb 2023 06:26:00 GMT

GET
H/1.1 200
OK style.css
mir23.online/wp-content/themes/awaken/ 60 KB
12 KB 186ms
93ms Stylesheet
text/css 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mir23.online/wp-content/themes/awaken/style.css?ver=6.1.1
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: HTTP/1.1
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: c9a8405d7a339fd94893a5e4ba01efaaa8aa8742eace88dd3fbb8f2415605519

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 06:26:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Aug 2022 14:16:42 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"62e931ca-f1ba"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 14 Feb 2023 06:26:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 18 KB
2 KB 143ms
55ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%7CSource+Sans+Pro%3A400%2C600%2C700%2C400italic%7CRoboto+Condensed%3A400italic%2C700%2C400&subset=latin%2Clatin-ext

Requested by

Host: mir23.online
URL: http://mir23.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ae537038d179baff8fefc17c29d7ae8ad6f5c256687b56ca732a505c3c7c91b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 06:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 06:09:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 06:26:00 GMT

GET
H/1.1 200
OK flexslider.css
mir23.online/wp-content/themes/awaken/css/ 5 KB
2 KB 269ms
90ms Stylesheet
text/css 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mir23.online/wp-content/themes/awaken/css/flexslider.css?ver=6.1.1
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: HTTP/1.1
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: d4f22b7be5b41ec10d826c0621f4c2afcbac27b9d248e361fc895a0a50f3cd3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 06:26:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Aug 2022 14:16:42 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"62e931ca-1313"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 14 Feb 2023 06:26:00 GMT

GET
H/1.1 200
OK jquery.min.js Show response
mir23.online/wp-includes/js/jquery/ 88 KB
31 KB 274ms
93ms Script
application/x-javascript 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mir23.online/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: HTTP/1.1
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 06:26:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Nov 2022 07:33:23 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"63621d43-15e54"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 14 Feb 2023 06:26:00 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
mir23.online/wp-includes/js/jquery/ 11 KB
4 KB 276ms
90ms Script
application/x-javascript 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mir23.online/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: HTTP/1.1
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 06:26:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Jul 2021 11:46:43 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6103e6a3-2bd8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 14 Feb 2023 06:26:00 GMT

GET
H/1.1 200
OK scripts.js Show response
mir23.online/wp-content/themes/awaken/js/ 257 B
594 B 350ms
86ms Script
application/x-javascript 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mir23.online/wp-content/themes/awaken/js/scripts.js?ver=6.1.1
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: HTTP/1.1
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: bd33643097ad7c64b35d4fcf4def545367f7d27a5695036d8a5524b758179168

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 06:26:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Aug 2022 14:16:42 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"62e931ca-101"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 14 Feb 2023 06:26:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 149ms
60ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5934039247412202

Requested by

Host: mir23.online
URL: http://mir23.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5a9ca98f321855b51061f3aae017bb91730d2562df2b0265da9e9378b1f2a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mir23.online/
Origin: http://mir23.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50075
x-xss-protection: 0
server: cafe
etag: 7224728127672739206
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 06:26:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 144ms
54ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-212562185-1

Requested by

Host: mir23.online
URL: http://mir23.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a18c57d042582f5a9866ff9e5a303225671cb8b2dd9bef1da9c67d8890bbfb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43900
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Feb 2023 06:26:01 GMT

GET
H2 200 image-390-388x220.png
mir23.online/wp-content/uploads/2023/02/ 130 KB
130 KB 368ms
180ms Image
image/png 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir23.online/wp-content/uploads/2023/02/image-390-388x220.png
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 47969e9d1dabebe890c473288630ff466d05263c8a1b2b5071fdcf27fa55b109

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
last-modified: Mon, 06 Feb 2023 19:33:07 GMT
server: nginx-reuseport/1.21.1
etag: "63e155f3-20689"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 132745
expires: Thu, 09 Mar 2023 06:26:01 GMT

GET
H/1.1 200
OK navigation.js Show response
mir23.online/wp-content/themes/awaken/js/ 1 KB
746 B 89ms
89ms Script
application/x-javascript 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mir23.online/wp-content/themes/awaken/js/navigation.js?ver=20120206
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: HTTP/1.1
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: dd9fdf762387b6a692692caad42e2f6fa53f62114250fde247e21651c986f7a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 06:26:01 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Aug 2022 14:16:42 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"62e931ca-45f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 14 Feb 2023 06:26:01 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
mir23.online/wp-content/themes/awaken/js/ 31 KB
9 KB 97ms
97ms Script
application/x-javascript 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mir23.online/wp-content/themes/awaken/js/bootstrap.min.js?ver=6.1.1
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: HTTP/1.1
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 0e60248025418d096dfc031b77ee927ea0530db6a6cc7ab2152591ca75b31ec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 06:26:01 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Aug 2022 14:16:42 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"62e931ca-7d0d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 14 Feb 2023 06:26:01 GMT

GET
H/1.1 200
OK skip-link-focus-fix.js Show response
mir23.online/wp-content/themes/awaken/js/ 650 B
740 B 87ms
86ms Script
application/x-javascript 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mir23.online/wp-content/themes/awaken/js/skip-link-focus-fix.js?ver=20130115
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: HTTP/1.1
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 3ea538dfe3f28e017d4e9a739ef1923f0e42a37d17743050b1b4066d28746357

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 06:26:01 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Aug 2022 14:16:42 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"62e931ca-28a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 14 Feb 2023 06:26:01 GMT

GET
H/1.1 200
OK jquery.flexslider-min.js Show response
mir23.online/wp-content/themes/awaken/js/ 21 KB
7 KB 92ms
91ms Script
application/x-javascript 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mir23.online/wp-content/themes/awaken/js/jquery.flexslider-min.js?ver=6.1.1
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: HTTP/1.1
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 0c853c2cc205bafe5d893017b6a03a2acf0f04a11b85f80605514cf0ae540fe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 06:26:01 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Aug 2022 14:16:42 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"62e931ca-5486"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 14 Feb 2023 06:26:01 GMT

GET
H/1.1 200
OK awaken.slider.js Show response
mir23.online/wp-content/themes/awaken/js/ 186 B
553 B 92ms
91ms Script
application/x-javascript 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mir23.online/wp-content/themes/awaken/js/awaken.slider.js?ver=6.1.1
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: HTTP/1.1
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: c3fa146a13b54316925dd21acf9d4e5ffd2665e4b10a8140c4c2aa15074aae0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 06:26:01 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Aug 2022 14:16:42 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"62e931ca-ba"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 14 Feb 2023 06:26:01 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
mir23.online/wp-includes/js/ 18 KB
5 KB 90ms
90ms Script
application/x-javascript 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mir23.online/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: HTTP/1.1
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 06:26:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 May 2022 07:30:23 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"628ddb0f-48b9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 14 Feb 2023 06:26:01 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 210ms
120ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%7CSource+Sans+Pro%3A400%2C600%2C700%2C400italic%7CRoboto+Condensed%3A400italic%2C700%2C400&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://mir23.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:06:25 GMT
x-content-type-options: nosniff
age: 404376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 14:06:25 GMT

GET
H2 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 30 KB
30 KB 172ms
83ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://mir23.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:35:04 GMT
x-content-type-options: nosniff
age: 402657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30480
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 14:35:04 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 203ms
114ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://mir23.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 18:50:20 GMT
x-content-type-options: nosniff
age: 300941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:50:20 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
mir23.online/wp-content/themes/awaken/fonts/ 63 KB
63 KB 90ms
90ms Font
application/font-woff2 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mir23.online/wp-content/themes/awaken/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by: Host: mir23.online
URL: http://mir23.online/wp-content/themes/awaken/css/font-awesome.min.css?ver=4.4.0
Protocol: HTTP/1.1
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer: http://mir23.online/wp-content/themes/awaken/css/font-awesome.min.css?ver=4.4.0
Origin: http://mir23.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 06:26:01 GMT
Last-Modified: Tue, 02 Aug 2022 14:16:42 GMT
Server: nginx-reuseport/1.21.1
ETag: "62e931ca-fbd0"
Content-Type: application/font-woff2
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=30
Content-Length: 64464
Expires: Thu, 09 Mar 2023 06:26:01 GMT

GET
H2 200 rare-litter-2-388x220.jpg
mir23.online/wp-content/uploads/2023/02/ 17 KB
17 KB 352ms
180ms Image
image/jpeg 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir23.online/wp-content/uploads/2023/02/rare-litter-2-388x220.jpg
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: e5bf142e0b3d586ccd9af4704d9a9ec48b4ff9777eb1d694675a4d927765e928

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
last-modified: Mon, 06 Feb 2023 19:10:34 GMT
server: nginx-reuseport/1.21.1
etag: "63e150aa-42ca"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17098
expires: Thu, 09 Mar 2023 06:26:01 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 118ms
40ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://mir23.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 08:45:21 GMT
x-content-type-options: nosniff
age: 596440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 08:45:21 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 127ms
50ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://mir23.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:09:50 GMT
x-content-type-options: nosniff
age: 26171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:09:50 GMT

GET
H2 200 t1-2-388x220.jpg
mir23.online/wp-content/uploads/2023/02/ 43 KB
43 KB 340ms
181ms Image
image/jpeg 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir23.online/wp-content/uploads/2023/02/t1-2-388x220.jpg
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 5e747eec6fbe395fea4971c42d5beb68b37d78cdac91051acc312514c43f591b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
last-modified: Mon, 06 Feb 2023 18:55:32 GMT
server: nginx-reuseport/1.21.1
etag: "63e14d24-ab60"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 43872
expires: Thu, 09 Mar 2023 06:26:01 GMT

GET
H2 200 chihua-and-peagon-388x220.jpg
mir23.online/wp-content/uploads/2023/02/ 28 KB
28 KB 340ms
181ms Image
image/jpeg 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir23.online/wp-content/uploads/2023/02/chihua-and-peagon-388x220.jpg
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 713f3701e9bf8ac47f92652a884ab3ea9b75cb8b683237da421d6b1cc8bf5c70

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
last-modified: Mon, 06 Feb 2023 18:17:55 GMT
server: nginx-reuseport/1.21.1
etag: "63e14453-6fc7"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 28615
expires: Thu, 09 Mar 2023 06:26:01 GMT

GET
H2 200 bruno6-388x220.jpg
mir23.online/wp-content/uploads/2023/02/ 15 KB
15 KB 699ms
540ms Image
image/jpeg 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir23.online/wp-content/uploads/2023/02/bruno6-388x220.jpg
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 1a516ce5eba0eded4521d090856aa5a355ed853edcdd63cded6bad82d747faf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
last-modified: Mon, 06 Feb 2023 13:11:39 GMT
server: nginx-reuseport/1.21.1
etag: "63e0fc8b-3bbc"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15292
expires: Thu, 09 Mar 2023 06:26:01 GMT

GET
H2 200 Rescued_Dog_Who_Lost_Her_Puppies_Adopted_Three_Orphaned_Kittens_2-388x220.jpeg
mir23.online/wp-content/uploads/2023/02/ 30 KB
30 KB 641ms
540ms Image
image/jpeg 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir23.online/wp-content/uploads/2023/02/Rescued_Dog_Who_Lost_Her_Puppies_Adopted_Three_Orphaned_Kittens_2-388x220.jpeg
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 33c75dc4676155be31fb7085b8b0a8aeaba553164586ed99858d8ab4426e0590

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
last-modified: Sun, 05 Feb 2023 18:34:34 GMT
server: nginx-reuseport/1.21.1
etag: "63dff6ba-782c"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 30764
expires: Thu, 09 Mar 2023 06:26:01 GMT

GET
H2 200 HT_cheetah_cubs_as_160325_16x9_1600-752x440-1-388x220.jpg
mir23.online/wp-content/uploads/2023/02/ 17 KB
17 KB 531ms
531ms Image
image/jpeg 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir23.online/wp-content/uploads/2023/02/HT_cheetah_cubs_as_160325_16x9_1600-752x440-1-388x220.jpg
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: b6314e9ab1b7b695250352375d8f032a3b6a525602f25f744938ff8655e22338

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
last-modified: Sun, 05 Feb 2023 18:01:17 GMT
server: nginx-reuseport/1.21.1
etag: "63dfeeed-432e"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17198
expires: Thu, 09 Mar 2023 06:26:01 GMT

GET
H2 200 Untitled-1-388x220.png
mir23.online/wp-content/uploads/2023/02/ 166 KB
166 KB 533ms
532ms Image
image/png 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir23.online/wp-content/uploads/2023/02/Untitled-1-388x220.png
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: fb83f3a89bf4c91924b4196381c0bcf763d8d2baf5b4212b7f5d09b52a21f00d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
last-modified: Sun, 05 Feb 2023 17:50:16 GMT
server: nginx-reuseport/1.21.1
etag: "63dfec58-29652"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 169554
expires: Thu, 09 Mar 2023 06:26:01 GMT

GET
H2 200 Find-Frog-in-3-Seconds-752x440-1-388x220.webp
mir23.online/wp-content/uploads/2023/02/ 14 KB
14 KB 533ms
532ms Image
image/webp 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir23.online/wp-content/uploads/2023/02/Find-Frog-in-3-Seconds-752x440-1-388x220.webp
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 165bbe7b874f7d02147c222e949dfe7fd5e67f52b271fe67d56f95e10b9b89b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
last-modified: Sat, 04 Feb 2023 19:53:07 GMT
server: nginx-reuseport/1.21.1
etag: "63deb7a3-360a"
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13834
expires: Thu, 09 Mar 2023 06:26:01 GMT

GET
H2 200 hidding-dog-optical-illusion-388x220.jpg
mir23.online/wp-content/uploads/2023/02/ 75 KB
75 KB 533ms
533ms Image
image/jpeg 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir23.online/wp-content/uploads/2023/02/hidding-dog-optical-illusion-388x220.jpg
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: d0e8faa5103c0827a0e33a2fca30961573bceda02380a327f7d744a7aaf9e107

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
last-modified: Sat, 04 Feb 2023 17:33:36 GMT
server: nginx-reuseport/1.21.1
etag: "63de96f0-12bcf"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76751
expires: Thu, 09 Mar 2023 06:26:01 GMT

GET
H2 200 image-390.png
mir23.online/wp-content/uploads/2023/02/ 193 KB
193 KB 259ms
179ms Image
image/png 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir23.online/wp-content/uploads/2023/02/image-390.png
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: ef453687d0062dc62c1022629c204134e56ce42ae26a571dfe1abd05347d6a46

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
last-modified: Mon, 06 Feb 2023 19:33:07 GMT
server: nginx-reuseport/1.21.1
etag: "63e155f3-30226"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 197158
expires: Thu, 09 Mar 2023 06:26:01 GMT

GET
H2 200 rare-litter-2-752x440.jpg
mir23.online/wp-content/uploads/2023/02/ 48 KB
48 KB 248ms
180ms Image
image/jpeg 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir23.online/wp-content/uploads/2023/02/rare-litter-2-752x440.jpg
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: f966f939b2b6e7a9feba7efb7552e7080b1f5f8b4c3728326e8f082f7f98aaa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
last-modified: Mon, 06 Feb 2023 19:10:34 GMT
server: nginx-reuseport/1.21.1
etag: "63e150aa-c0c7"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 49351
expires: Thu, 09 Mar 2023 06:26:01 GMT

GET
H2 200 t1-2.jpg
mir23.online/wp-content/uploads/2023/02/ 84 KB
85 KB 248ms
180ms Image
image/jpeg 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir23.online/wp-content/uploads/2023/02/t1-2.jpg
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 60a0b7dc20fd8bc1f16916be2b526fcf6a136f21d3a281607963fd7d4efc9669

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
last-modified: Mon, 06 Feb 2023 18:55:32 GMT
server: nginx-reuseport/1.21.1
etag: "63e14d24-15175"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 86389
expires: Thu, 09 Mar 2023 06:26:01 GMT

GET
H2 200 chihua-and-peagon-752x420.jpg
mir23.online/wp-content/uploads/2023/02/ 63 KB
64 KB 607ms
540ms Image
image/jpeg 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir23.online/wp-content/uploads/2023/02/chihua-and-peagon-752x420.jpg
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 251e946fb0ebfc2dd20d8e40bc93163ad4e56d37e6984579b68fcf23fe054630

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
last-modified: Mon, 06 Feb 2023 18:17:55 GMT
server: nginx-reuseport/1.21.1
etag: "63e14453-fd66"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 64870
expires: Thu, 09 Mar 2023 06:26:01 GMT

GET
H2 200 bruno6-752x440.jpg
mir23.online/wp-content/uploads/2023/02/ 39 KB
39 KB 248ms
180ms Image
image/jpeg 87.236.16.150
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir23.online/wp-content/uploads/2023/02/bruno6-752x440.jpg
Requested by: Host: mir23.online
URL: http://mir23.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.150 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quake1.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: c6350d7d8444acf5f7858c2825770616010f56e3f8d965f52126cb81027ad16c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
last-modified: Mon, 06 Feb 2023 13:11:39 GMT
server: nginx-reuseport/1.21.1
etag: "63e0fc8b-9a67"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 39527
expires: Thu, 09 Mar 2023 06:26:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 140ms
39ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-212562185-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 04:54:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5471
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 07 Feb 2023 06:54:50 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/ 361 KB
118 KB 149ms
67ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5934039247412202&plah=mir23.online&bust=31071886

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5934039247412202

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cded31790e63d3ae6fd29c76f7785f39763ef330fba7a3daa77801546de27a0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121179
x-xss-protection: 0
server: cafe
etag: 13219796288990969085
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 06:26:01 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230202/r20190131/ Frame 9EEE 10 KB
5 KB 129ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230202/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5934039247412202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mir23.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 01:45:52 GMT
etag: 10353107486223812946
expires: Tue, 21 Feb 2023 01:45:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
203 B 48ms
47ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2068749725&t=pageview&_s=1&dl=http%3A%2F%2Fmir23.online%2F&ul=en-us&de=UTF-8&dt=DOG%20%E2%80%93%20LOVERS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=229142578&gjid=1897286415&cid=1419573672.1675751162&tid=UA-212562185-1&_gid=1631027900.1675751162&_r=1&gtm=457e3210&z=810555347

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://mir23.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://mir23.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
602 B 202ms
78ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=mir23.online&callback=_gfp_s_&client=ca-pub-5934039247412202

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5934039247412202&plah=mir23.online&bust=31071886

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f2dcbb668d15241a665c21cb1f9598c256714b45554ea43ee4e27c8b4012455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 137ms
50ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mir23.online

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 139ms
51ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mir23.online

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F40D 507 KB
96 KB 759ms
756ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&adk=1812271804&adf=3025194257&lmt=1675751161&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=http%3A%2F%2Fmir23.online%2F&ea=0&pra=5&wgl=1&dt=1675751161387&bpp=14&bdt=698&idt=250&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6432416050169&frm=20&pv=2&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=291

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4630940a1b12ae3868da259b5d2ca4f85c580f5b59628065ce4ca09fe08453a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mir23.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 97875
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 06:26:02 GMT
expires: Tue, 07 Feb 2023 06:26:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 30B1 85 KB
30 KB 613ms
612ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675751161&rafmt=1&to=qs&pwprc=8715166976&format=1200x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751161401&bpp=3&bdt=713&idt=281&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FbCczL4jnd&p=http%3A//mir23.online&dtd=289

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcc49bcfb7c0ca41c3fe8b6e6af6a47655ea470b18d757056802308b56f1b704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mir23.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30995
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 06:26:02 GMT
expires: Tue, 07 Feb 2023 06:26:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 30B1 4 KB
717 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675751161&rafmt=1&to=qs&pwprc=8715166976&format=1200x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751161401&bpp=3&bdt=713&idt=281&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FbCczL4jnd&p=http%3A//mir23.online&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 06:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 04:50:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 06:26:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 30B1 2 KB
846 B 140ms
50ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:48:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 30B1 0
0 86ms
85ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4tbn-e7hY4yeLPrImLAPtqaakAq1iKPmbueHzJPcEJPZldSqCRABIND18VBglcKmgrAHoAGisbydAcgBCakCu3gU5vr0ST6oAwHIA8sEqgTmAU_QNlQuo34DM0kO4OiRCONZCJVfpc_INdbFxluRT5DiWiTCnl7wguqKBew-TceWuz0_kMtB7ZIyKh8sDIvmCRswd2h5P0hukfbHHDznx0P1G5vjm7Zs0onXWb5o2cCSB2UsAf8TFK-Lq8X4qLMp72iAEMGbu8-D36Ns5LyeC3b2fz2tRlQltIL3eKbF2odRbrMp2t2sDmkzdGeagtPDuz-6NGCKI0iWGdrj_l4I88m8Df6es4yhVeynR5sGeN6xbk3Jx2NHpE7g7__DWXMwPhOAt48iUdi-DXHux6B5cAV088A2NvKnwAS1gpuelASSBQQIBBgBkgUECAUYBKAGLoAHxs7D4gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCn1RbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwyIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNTkzNDAzOTI0NzQxMjIwMhgA&sigh=SGBjXW0RM-8&uach_m=[UACH]&cid=CAQSGwDUE5ymJc4F2Mj12j1BOLw-xVvIgsXQUQKNmxgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675751161&rafmt=1&to=qs&pwprc=8715166976&format=1200x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751161401&bpp=3&bdt=713&idt=281&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FbCczL4jnd&p=http%3A//mir23.online&dtd=289
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Feb 2023 06:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 07 Feb 2023 06:26:02 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/ Frame 30B1 22 KB
9 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9012
x-xss-protection: 0
server: cafe
etag: 10578598109654303351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:45:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 30B1 3 KB
1 KB 138ms
52ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:44:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 30B1 18 KB
8 KB 132ms
45ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:44:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:44:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 30B1 157 KB
49 KB 141ms
53ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 06:26:02 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 30B1 33 KB
14 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 06:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 06 May 2023 15:32:16 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13368617893720990942/ Frame 30B1 80 KB
80 KB 161ms
80ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13368617893720990942/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19db6436d90744a6b274941d3eb7e70bbac8d89b957bb1a1d2b52a01736bace6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 00:44:04 GMT
x-content-type-options: nosniff
age: 279718
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81633
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 20:07:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Feb 2024 00:44:04 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6920262648382083975/ Frame 30B1 5 KB
5 KB 132ms
52ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6920262648382083975/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12a26c0e5f4642b12b64cebf5b194cd46d4905210367a6cdf3e3824bff6318eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 01:40:03 GMT
x-content-type-options: nosniff
age: 276359
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4980
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 20:57:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Feb 2024 01:40:03 GMT

GET
DATA 200
OK truncated
/ Frame 30B1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 803785eac6016439484ba3196ba6c71ee97ff9eb35e7d6b2efb017d9cdd2eb00

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/ 150 KB
51 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/reactive_library_fy2021.js?bust=31071886

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3f48bf4810d0034b5d42683cdc927c5468dbd59b4694ea892fd66b705d52ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52195
x-xss-protection: 0
server: cafe
etag: 17916766244029767691
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 06:26:02 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 55ms
50ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mir23.online

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 52ms
47ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mir23.online

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C080 90 KB
33 KB 843ms
843ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=1187716240&adf=2068404441&pi=t.aa~a.3415888743~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1865&idt=-M&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1017&ady=1622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dMDJfb7fp9&p=http%3A//mir23.online&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c7d8e6f68aff348d59c6eec417a95138c680e6bb8ea47f5df5c969e624b2550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mir23.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 33804
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 06:26:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 95A9 88 KB
33 KB 617ms
617ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=4065382214&pi=t.aa~a.1377294678~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=-M&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280&nras=4&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=1964&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Lw6zUQZ284&p=http%3A//mir23.online&dtd=23

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b42e0827a57a65ce0a7b07269ff4a57fe2ed4a8fc05edf93bad67846bb8e402e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mir23.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 33699
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 06:26:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 76C4 92 KB
33 KB 1053ms
1052ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69da89ad03cea40a86e1d1e182f7e1f6a494e3c3783ee1056f86879af7ea3e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mir23.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 34224
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 06:26:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 30B1 15 KB
15 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 404426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 14:05:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 30B1 16 KB
16 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 13:59:42 GMT
x-content-type-options: nosniff
age: 404780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 13:59:42 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/ Frame 273E 10 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mir23.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 03:18:51 GMT
etag: 10353107486223812946
expires: Tue, 21 Feb 2023 03:18:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/ Frame AFF9 10 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mir23.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 03:18:51 GMT
etag: 10353107486223812946
expires: Tue, 21 Feb 2023 03:18:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/ Frame 6BE7 10 KB
4 KB 41ms
41ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mir23.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 03:18:51 GMT
etag: 10353107486223812946
expires: Tue, 21 Feb 2023 03:18:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/ Frame 189C 10 KB
4 KB 44ms
44ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mir23.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 03:18:51 GMT
etag: 10353107486223812946
expires: Tue, 21 Feb 2023 03:18:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame C631 36 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 18:42:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 18:42:49 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 273E 4 KB
636 B 52ms
52ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 06:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 04:34:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 06:26:02 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 273E 205 B
518 B 41ms
40ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:07:39 GMT
x-content-type-options: nosniff
age: 1103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 07 Feb 2024 06:07:39 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 273E 604 B
695 B 41ms
40ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:32:50 GMT
x-content-type-options: nosniff
age: 24792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 06 Feb 2024 23:32:50 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/elements/html/ Frame 273E 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

675575eb734b5114526cdc1cc9116bea0e2189e9351700944375af81e226f62d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:17:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8365
x-xss-protection: 0
server: cafe
etag: 8727046649480766555
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 01:17:27 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame AFF9 2 KB
799 B 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:48:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/ Frame AFF9 22 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9012
x-xss-protection: 0
server: cafe
etag: 10578598109654303351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:45:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame AFF9 3 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:44:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame AFF9 18 KB
8 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:44:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:44:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AFF9 157 KB
48 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 06:26:02 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame AFF9 33 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 06:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 06 May 2023 15:32:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6BE7 6 KB
672 B 53ms
53ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 06:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 06:24:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 06:26:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 6BE7 2 KB
799 B 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:48:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/ Frame 6BE7 22 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9012
x-xss-protection: 0
server: cafe
etag: 10578598109654303351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:45:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 6BE7 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:44:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 6BE7 18 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:44:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:44:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BE7 157 KB
48 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 06:26:02 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 6BE7 33 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 06:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 06 May 2023 15:32:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 189C 4 KB
621 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 06:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 06:01:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 06:26:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 189C 2 KB
799 B 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:48:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 189C 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvbRs-e7hY4SGLJHJmLAP8pa54AP7iZLtbrar-pPbEL__uePXAhABIND18VBglcKmgrAHoAG3mIGiKMgBCakC5WEiBcj4eT6oAwHIA8sEqgToAU_QtsNaQyp6jPBsNGRRiR5RgKKgmqwNo0jgmcA0zta_6L7K6NCY8VerKOc8K_V4hNENhx0zza08ctoD5NzMYfZoXXHGcu5HS1wTQ9hsrNKmIhri80eGDBdPDcuA38DRvoq1yPFUa_LjBb356XKqBzsjUDePmlfofvXejr1VJHYprBa82tfKm0YX7GhZmBMdbmfWnGZt2Bu9vcWlQ-IZxfgE3pT1hXg6y7079YNbA0TAS5Ftt7HmF6-9jjHep1J6lCE8C0mKFnNb0WMeKJhkmxk-zbrJH1C7ng72BfN1a6wMYXXpo4A_yFrABKL_j-SVBJIFBAgEGAGSBQQIBRgEoAYugAe5nv3JA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPzACNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi01OTM0MDM5MjQ3NDEyMjAyGAA&sigh=mFD_KELMpt4&uach_m=[UACH]&cid=CAQSGwDUE5ymrMN-aJ2qbteAOa_5orDSWCxwHGexuxgB&template_id=484

Requested by

Host: mir23.online
URL: http://mir23.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Feb 2023 06:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/ Frame 189C 22 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9012
x-xss-protection: 0
server: cafe
etag: 10578598109654303351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:45:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 189C 3 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:44:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 189C 18 KB
8 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:44:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:44:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 189C 157 KB
48 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 06:26:02 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 189C 33 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 06:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 06 May 2023 15:32:16 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/4969815793481599700/ Frame 189C 22 KB
22 KB 57ms
57ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4969815793481599700/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51b19b540f8bd09e6aa2444bad61ed48d5b5d8d523a3c932783eb991e29161fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 00:42:39 GMT
x-content-type-options: nosniff
age: 366203
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22185
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 07:12:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Feb 2024 00:42:39 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/7754266292466329961/ Frame 189C 6 KB
6 KB 56ms
56ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7754266292466329961/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77efe0996aa57cbec1f507ad09aaca04b20dbe2c9c0892ed8efe84eb176381e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 11:27:52 GMT
x-content-type-options: nosniff
age: 327490
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5757
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 07:13:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Feb 2024 11:27:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 586E 8 KB
895 B 57ms
57ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 06:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 05:41:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 06:26:02 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 586E 2 KB
765 B 48ms
47ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:48:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/ Frame 586E 22 KB
9 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9012
x-xss-protection: 0
server: cafe
etag: 10578598109654303351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:45:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 586E 3 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:44:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 586E 18 KB
7 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:44:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:44:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 586E 157 KB
48 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 06:26:02 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 586E 33 KB
14 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 06:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 06 May 2023 15:32:16 GMT

GET
DATA 200
OK truncated
/ Frame 189C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29f204a4df63121a80863a67cf7e7e09f05302b6a99747bbea8c645bd1f5b507

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2B75 143 B
166 B 42ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 06:02:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1BF2 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Host: mir23.online
URL: http://mir23.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 18:42:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 18:42:49 GMT

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0236 36 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Host: mir23.online
URL: http://mir23.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 18:42:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 18:42:49 GMT

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 325F 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Host: mir23.online
URL: http://mir23.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 18:42:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 18:42:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 95A9 6 KB
672 B 51ms
49ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=4065382214&pi=t.aa~a.1377294678~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=-M&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280&nras=4&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=1964&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Lw6zUQZ284&p=http%3A//mir23.online&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 06:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 04:49:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 06:26:03 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 95A9 2 KB
765 B 42ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:48:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/ Frame 95A9 22 KB
9 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9012
x-xss-protection: 0
server: cafe
etag: 10578598109654303351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:45:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 95A9 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:44:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 95A9 18 KB
7 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:44:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:44:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 95A9 0
0 133ms
48ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmlgVjLWmefyOyof21q713s__B-OM5UOGq5tg7HL-EmtqEN1qgdCxKhP1zlhWtNgdN6zmTdiY_XwMAjAyqHwItVsK7jw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=4065382214&pi=t.aa~a.1377294678~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=-M&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280&nras=4&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=1964&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Lw6zUQZ284&p=http%3A//mir23.online&dtd=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 95A9 157 KB
48 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 06:26:03 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 95A9 33 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 06:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 06 May 2023 15:32:16 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2B75
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
48ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 06:26:03 GMT
expires: Tue, 07 Feb 2023 06:26:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 06:26:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F94 36 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Host: mir23.online
URL: http://mir23.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 18:42:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 18:42:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 95A9 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYSck-u7hY6u9Jdm61wbLhICoArWIo-Zu54fMk9wQk9mV1KoJEAEg0PXxUGCVwqaCsAegAaKxvJ0ByAEJqQK7eBTm-vRJPqgDAcgDywSqBOsBT9AKl2mJY6JOuUYpvJ3RivKacGsANofPDQ0zFqGlVgqDPyXyCwExdD2DmCumK5xlk1zBUNakwcQGhKLVbe5O7ANEGyhggqhj8Y9ECT3QuCahPY4RyTkZXmK4be5AcRjh5iFn18xyAcsIrTU7UWy3y9Nard64bjXf0_zVkhjLQSJun10D8toJ4gbfeCrjsBOEcRIWhkUplZQLvXhveVBC-6gGOODWQmM8D2TMpto0iD7XbOHsoxywx5zZyd4N0RIjjdFDQaBHP4a4eW3Cazrd_-k5vXMwLEm2GGWoFCpawEOPv0CF5nh7TrFu7MAEtYKbnpQEkgUECAQYAZIFBAgFGASgBi6AB8bOw-ICqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ1vUB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMMiBQC0BUBmBYBgBcBshccChoIABIUcHViLTU5MzQwMzkyNDc0MTIyMDIYAA&sigh=OeI1g3Cmw8E&uach_m=[UACH]&cid=CAQSPADUE5ym-7kFxe5MrphCXHjPXqMG39njEXhdp9r-twKK8Y6xhePScH5uE2GFUXbmsgAXt4dgtmaxfKpgqRgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=4065382214&pi=t.aa~a.1377294678~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=-M&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280&nras=4&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=1964&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Lw6zUQZ284&p=http%3A//mir23.online&dtd=23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Feb 2023 06:26:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14047072611280008404/ Frame 95A9 21 KB
21 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14047072611280008404/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19cbff38d0e9e2776d1227fb3c83d4fc4a9fe1b7a5e10c3f0dab30484a9f17c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:00:20 GMT
x-content-type-options: nosniff
age: 217543
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21374
x-xss-protection: 0
last-modified: Sat, 17 Dec 2022 17:58:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Feb 2024 18:00:20 GMT

GET
DATA 200
OK truncated
/ Frame 95A9 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 24E1 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56648
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:41:55 GMT
etag: 48472445140208031
expires: Tue, 07 Feb 2023 14:41:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 95A9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea9c3106d56ff8e65472803baed19ca6bec1300831e388143b64059924a7f4e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 24E1 35 B
463 B 174ms
42ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN-wk0YKe6GSmBMctY8xgHQ&google_cver=1&google_push=Aa02lx_V4HtU4uKYMIn7PGfPYB6SJK8MHeRpSJ-FPCip4JTj30hMtDO1P380g69psyM77tvfhcZN7GUWF5tcrfSCXM2jOV4a6x64wimcr-hhevndEHxatKfd-aIQGrwSguSbG-nhchtkqRyE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 24E1 0
98 B 179ms
48ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAa02lx8HW91Od0hfVIKBudfu0H_aOcU2n-G584e--_YGC2aqNmiThJQpV0k0-sJHUVOM4MW4Hp_I0POzZvwIwbGjhslkUxcHpElEcq-p9vJ_0OYQao5L0mKeoDNJ3Fa7GqFd3CH5YKvUBuEr&google_gid=CAESEHh1uT6algUjgm8jzJA-QuM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=4065382214&pi=t.aa~a.1377294678~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=-M&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280&nras=4&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=1964&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Lw6zUQZ284&p=http%3A//mir23.online&dtd=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 24E1
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx_ECvWl...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx_ECvWl...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMDcwNjI2MDQwMDA4MzIwNzExNTE0Ng%3D%3D&google_push=Aa02lx_ECvWlb_X65P-2LAKBj5tHCR0rXREjuIGa068945dJ0SPprbShPXvD-mOd7v5YGb...

170 B
188 B

77ms
76ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMDcwNjI2MDQwMDA4MzIwNzExNTE0Ng%3D%3D&google_push=Aa02lx_ECvWlb_X65P-2LAKBj5tHCR0rXREjuIGa068945dJ0SPprbShPXvD-mOd7v5YGbQGmHSKd0Zu96_7KVB62pYfCuGOUsxu4giD0MpNNaBEPKuQ05EYnJBZVhEekAg3IgQKxNg8FmPr

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMDcwNjI2MDQwMDA4MzIwNzExNTE0Ng%3D%3D&google_push=Aa02lx_ECvWlb_X65P-2LAKBj5tHCR0rXREjuIGa068945dJ0SPprbShPXvD-mOd7v5YGbQGmHSKd0Zu96_7KVB62pYfCuGOUsxu4giD0MpNNaBEPKuQ05EYnJBZVhEekAg3IgQKxNg8FmPr
pragma: no-cache
date: Tue, 07 Feb 2023 06:26:04 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Tue, 07 Feb 2023 06:26:04 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 24E1 43 B
351 B 177ms
48ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECSVROVTWx8h1mHPXkWFtso&google_cver=1&google_push=Aa02lx9VgGlHDVyGm0hX8JdhuhcgEfBxowQh96o8DMB-jHHlqurJb60pnJnCZRMzPr37KKZziNYCic-M9FKPN6qaxvxSzaYKrWkFNMfEvyWDydtrd8BV6vADk8SBppTznlqqjE4FB5BQe4g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=4065382214&pi=t.aa~a.1377294678~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=-M&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280&nras=4&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=1964&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Lw6zUQZ284&p=http%3A//mir23.online&dtd=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:03 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 215vqvounah6gt6um8orckdj9grics36

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 24E1
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dtamjavnSvy-PU_ooC5Muw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
329 B

88ms
76ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dtamjavnSvy-PU_ooC5Muw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_bbOdxmPGqSt_asaHYCZn40_9QMNTmh7x41RjWMZqlvylMe5r4ZFGzR2aJKOqYs4dh8y2lvgzv7NucaRYrBjh6srgqn6wEs4BDJP0i8VTa3XiNuMmv4h_hV2N2UG0IUL4_JY6reUTa

Requested by

Host: mir23.online
URL: http://mir23.online/

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dtamjavnSvy-PU_ooC5Muw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_bbOdxmPGqSt_asaHYCZn40_9QMNTmh7x41RjWMZqlvylMe5r4ZFGzR2aJKOqYs4dh8y2lvgzv7NucaRYrBjh6srgqn6wEs4BDJP0i8VTa3XiNuMmv4h_hV2N2UG0IUL4_JY6reUTa
date: Tue, 07 Feb 2023 06:26:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 24E1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_hm=Y-Hu--n9MJAiDOd087MvRgAABIYAAAIB&google_nid=index&google_push=Aa02lx-KobqL3VwDMWYNCC6URbISNw0nIE3hq...

170 B
232 B

86ms
78ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_hm=Y-Hu--n9MJAiDOd087MvRgAABIYAAAIB&google_nid=index&google_push=Aa02lx-KobqL3VwDMWYNCC6URbISNw0nIE3hqfkQOt6Jn37kbAXBVIAxYVlsRDZNYkNq4f6b-IeyWIDUQyjTDfZJMEYWlCgF4VuyOxWpmLZmE1ZbqjdxEiCOVBqCrJRfy6CrjNkMIJJQR58e

Requested by

Host: mir23.online
URL: http://mir23.online/

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCf7WwPkn7BHgX8mqm538UgyNoA9fAalGKewbdOXOS80W2knoGUijNS0xMBEl5zX%2BrCuZ3uvqWymhtXE7jClF00iTMTHGSBo4GylCCCRJaJrUKmU13I0Qv39Ae0dDYj%2B1r7jl3%2BWNq3Atw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_hm=Y-Hu--n9MJAiDOd087MvRgAABIYAAAIB&google_nid=index&google_push=Aa02lx-KobqL3VwDMWYNCC6URbISNw0nIE3hqfkQOt6Jn37kbAXBVIAxYVlsRDZNYkNq4f6b-IeyWIDUQyjTDfZJMEYWlCgF4VuyOxWpmLZmE1ZbqjdxEiCOVBqCrJRfy6CrjNkMIJJQR58e
cache-control: no-cache
cf-ray: 795a0d44a9c45c62-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 24E1 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 24E1 0
130 B 242ms
75ms Image
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JJXAO_G3e-eLshEzKqowCVU1yFC1HxEP4758jAx6PTNsVmezxO0oednAMzvTiHv6rLP0_fXg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 95A9 15 KB
16 KB 44ms
43ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 16:44:52 GMT
x-content-type-options: nosniff
age: 49271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 16:44:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 95A9 15 KB
15 KB 46ms
45ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 20:40:44 GMT
x-content-type-options: nosniff
age: 294319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 20:40:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C080 6 KB
672 B 61ms
59ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=1187716240&adf=2068404441&pi=t.aa~a.3415888743~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1865&idt=-M&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1017&ady=1622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dMDJfb7fp9&p=http%3A//mir23.online&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 06:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 06:05:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 06:26:03 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame C080 2 KB
765 B 45ms
43ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:48:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/ Frame C080 22 KB
9 KB 57ms
55ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9012
x-xss-protection: 0
server: cafe
etag: 10578598109654303351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:45:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame C080 3 KB
1 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:44:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame C080 18 KB
7 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:44:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:44:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C080 0
0 49ms
48ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSv6hp-OHBNpQqKg6ppAOpZzzg8q1hpgJfKwMWcyTK9JZsnlPw459a-9g9UjSA1LQmB52Y-zMXvKlhx6oj5HnwR9W9iqg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=1187716240&adf=2068404441&pi=t.aa~a.3415888743~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1865&idt=-M&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1017&ady=1622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dMDJfb7fp9&p=http%3A//mir23.online&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C080 157 KB
48 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 06:26:03 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame C080 33 KB
14 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 06:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 06 May 2023 15:32:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C080 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7YNw-u7hY8bxJMjFxgKGorbwBN2ru5Fsqb2svZoK6NDvgJkCEAEg0PXxUGCVwqaCsAegAfXyvc8DyAEJqAMByAPLBKoE7AFP0Km6lMJo6Q7S6vqRBU8ydxYpkZ3PSYdLpHXBBVKe-J8du6hBGAXyCxF6r7bW3XKJ4D4Fpzs8Le8WVVxnWixLE8QaGaicWjj4HvOQnbUkmQtFmRhy73k1tDaWQnm-GO4NbBqzBtFoJOJoGO6m4xqmuPxEdsSbktodal78lZbZb9TKd2enxiCTTTbbIDuAsb8TQaSH4ciHVmPR7J7HbyhyDwhX0n_YepAIwgpiBFeNC9mQtQ2-Mpwf4ttoVvkHM8Z6fFrWk8RNjwS7DPcVX4a__LZeU6PUMWxD-S287CaX1N5Zt7oNDqFOA1Xq6MAE1KmZkLEBkgUECAQYAZIFBAgFGASgBi6AB_OMwjCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxC0VdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTC4gUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi01OTM0MDM5MjQ3NDEyMjAyGAA&sigh=TSzWAVGFBRQ&uach_m=[UACH]&cid=CAQSPADUE5ymO_WqLkihMXRQ3XZ0YdoiNcqVmOJA59iKDRmFlIlrpTbJFkuHWu7boGblT1xKt673PhVh5h7RYxgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=1187716240&adf=2068404441&pi=t.aa~a.3415888743~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1865&idt=-M&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1017&ady=1622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dMDJfb7fp9&p=http%3A//mir23.online&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Feb 2023 06:26:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16122196167920385807/ Frame C080 10 KB
10 KB 46ms
45ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16122196167920385807/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

004447a3045e5d1f637f97c14dd2693fc78dc0a1ef822fd5230ffb9dcf87034d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 13:42:36 GMT
x-content-type-options: nosniff
age: 233007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10210
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 10:19:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Feb 2024 13:42:36 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/7005194109158272887/ Frame C080 11 KB
11 KB 52ms
52ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7005194109158272887/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d50f4089ab3d289ffa59964ab498a942963625a8afbb51f69d808f5bda7c4752

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 01:54:00 GMT
x-content-type-options: nosniff
age: 102723
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11732
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 10:54:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 06 Feb 2024 01:54:00 GMT

GET
DATA 200
OK truncated
/ Frame C080 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame B887 36 KB
14 KB 53ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 18:42:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 18:42:49 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1102 1 KB
643 B 41ms
39ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56648
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:41:55 GMT
etag: 48472445140208031
expires: Tue, 07 Feb 2023 14:41:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C080 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d4c9d37a30eec75e70a421a389170b3284169bbbce9e3e5b6a718ee23dfcf9f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C080 15 KB
16 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 16:44:52 GMT
x-content-type-options: nosniff
age: 49271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 16:44:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C080 15 KB
15 KB 46ms
45ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 20:40:44 GMT
x-content-type-options: nosniff
age: 294319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 20:40:44 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1102
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN-wk0YKe6GSmBMctY8xgHQ&google_cver=1&google_push=Aa02lx8CQxnSp7G3l5BOlUO6uorjPJMzQo48-LpzA4qFmOv9tGyK3WhVbS...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8CQxnSp7G3l5BOlUO6uorjPJMzQo48-LpzA4qFmOv9tGyK3WhVbSfVOrMFRYh_siUfbb9Sowd4EERIsehEM08x7rJz3ALXWffZg3BTZpgiRgCOIndGcOJ...

170 B
232 B

89ms
77ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8CQxnSp7G3l5BOlUO6uorjPJMzQo48-LpzA4qFmOv9tGyK3WhVbSfVOrMFRYh_siUfbb9Sowd4EERIsehEM08x7rJz3ALXWffZg3BTZpgiRgCOIndGcOJV13r15Fr0Rdx43AyBQyTR&google_hm=XPBAAaL6aM76sSfC2sm2Dg

Requested by

Host: mir23.online
URL: http://mir23.online/

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8CQxnSp7G3l5BOlUO6uorjPJMzQo48-LpzA4qFmOv9tGyK3WhVbSfVOrMFRYh_siUfbb9Sowd4EERIsehEM08x7rJz3ALXWffZg3BTZpgiRgCOIndGcOJV13r15Fr0Rdx43AyBQyTR&google_hm=XPBAAaL6aM76sSfC2sm2Dg
pragma: no-cache
date: Tue, 07 Feb 2023 06:26:03 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1102
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESECPEBDa8DGHZR_Nv-1yO4lA&google_cver=1&google_push=Aa02lx89QCSchPU0XaMe0R1MISCWcA9swTuTHHYtamFAXvQQL6EvFwaVjO_WQJPS03Bxc95ElqYnIPLvM9fCDyyzfYZjjOLTF5EqX...
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx89QCSchPU0XaMe0R1MISCWcA9swTuTHHYtamFAXvQQL6EvFwaVjO_WQJPS03Bxc95ElqYnIPLvM9fCDyyzfYZjjOLTF5EqXHfKiK-uVLtYQK2l7Gjpwt9iUcVYetz0...

170 B
188 B

107ms
107ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx89QCSchPU0XaMe0R1MISCWcA9swTuTHHYtamFAXvQQL6EvFwaVjO_WQJPS03Bxc95ElqYnIPLvM9fCDyyzfYZjjOLTF5EqXHfKiK-uVLtYQK2l7Gjpwt9iUcVYetz058UI2GgB8yVZ&google_hm=Q0FFU0VDUEVCRGE4REdIWlJfTnYtMXlPNGxB

Requested by

Host: mir23.online
URL: http://mir23.online/

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 06:26:03 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx89QCSchPU0XaMe0R1MISCWcA9swTuTHHYtamFAXvQQL6EvFwaVjO_WQJPS03Bxc95ElqYnIPLvM9fCDyyzfYZjjOLTF5EqXHfKiK-uVLtYQK2l7Gjpwt9iUcVYetz058UI2GgB8yVZ&google_hm=Q0FFU0VDUEVCRGE4REdIWlJfTnYtMXlPNGxB
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1102
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx-CzD6V...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx-CzD6V...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMDcwNjI2MDQwMDAxMjc5MDgyMDg4NQ%3D%3D&google_push=Aa02lx-CzD6V-4TH8IMAvuDFrTbl1YAghPXd8p2BhFrRBWvmgpgAfWxH47UWDy9Bayk1Io...

170 B
188 B

79ms
79ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMDcwNjI2MDQwMDAxMjc5MDgyMDg4NQ%3D%3D&google_push=Aa02lx-CzD6V-4TH8IMAvuDFrTbl1YAghPXd8p2BhFrRBWvmgpgAfWxH47UWDy9Bayk1IojJdoV2rgedb_mjNPjDdUntyPC-TxHqsYuXF0kErY7gNGM0w3A63DQIX6OzdjG9nzEKCyDYvdR6

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMDcwNjI2MDQwMDAxMjc5MDgyMDg4NQ%3D%3D&google_push=Aa02lx-CzD6V-4TH8IMAvuDFrTbl1YAghPXd8p2BhFrRBWvmgpgAfWxH47UWDy9Bayk1IojJdoV2rgedb_mjNPjDdUntyPC-TxHqsYuXF0kErY7gNGM0w3A63DQIX6OzdjG9nzEKCyDYvdR6
pragma: no-cache
date: Tue, 07 Feb 2023 06:26:04 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Tue, 07 Feb 2023 06:26:04 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 1102 43 B
135 B 51ms
49ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECSVROVTWx8h1mHPXkWFtso&google_cver=1&google_push=Aa02lx--ynZFSS-44imVd40N-ItcYJq92wfywlmX0bePTDUcu89pJ2VSFuRTVHSB_9mhTbi7LKn0MYZ-4cRWo-UDt5X0Npl8ynNLrKuGBoi9tjdMKurj54T095bUXcXXEfvts3vUlAAKKtg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=1187716240&adf=2068404441&pi=t.aa~a.3415888743~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1865&idt=-M&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280&nras=3&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1017&ady=1622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dMDJfb7fp9&p=http%3A//mir23.online&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:02 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: n9743j633lcjgk31bp7l8gafo277ojl0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1102
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bieg6N-ORD6YL8aO59E3LQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

89ms
77ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bieg6N-ORD6YL8aO59E3LQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-Jac45p-XdXiTi-kPUN7t30u5_3wycAXAuhziMjgry6tv0GgWmCQnH4TrondgFr6YmHdz-L0C8EhU5H_tC8YdGgqQL76STLs3jdJmlzi0a4CUkVS_1UYQrJE55fHRuESxlgCWiGjhf

Requested by

Host: mir23.online
URL: http://mir23.online/

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bieg6N-ORD6YL8aO59E3LQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-Jac45p-XdXiTi-kPUN7t30u5_3wycAXAuhziMjgry6tv0GgWmCQnH4TrondgFr6YmHdz-L0C8EhU5H_tC8YdGgqQL76STLs3jdJmlzi0a4CUkVS_1UYQrJE55fHRuESxlgCWiGjhf
date: Tue, 07 Feb 2023 06:26:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1102
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECxhkEBJAXcbxWd3KkMbZgg&google_cver=1&google_push=Aa02lx97PgSD4sbAuyFudHauus7J_IlBPqttCHcBp0UyRki7rmhwTRGSkd_ULpOPR69v3dFGWEl...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERUVVo1QjAtRi00NTU2&google_push=Aa02lx97PgSD4sbAuyFudHauus7J_IlBPqttCHcBp0UyRki7rmhwTRGSkd_ULpOPR69v3dFGWEl_qsmMlwaiVSK8S7VKC_7S_W1auwuXn...

170 B
188 B

109ms
108ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERUVVo1QjAtRi00NTU2&google_push=Aa02lx97PgSD4sbAuyFudHauus7J_IlBPqttCHcBp0UyRki7rmhwTRGSkd_ULpOPR69v3dFGWEl_qsmMlwaiVSK8S7VKC_7S_W1auwuXnoFf0W9n3B17Ee3iz6phy4xsN__xgPNLMkJA2uPk

Requested by

Host: mir23.online
URL: http://mir23.online/

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERUVVo1QjAtRi00NTU2&google_push=Aa02lx97PgSD4sbAuyFudHauus7J_IlBPqttCHcBp0UyRki7rmhwTRGSkd_ULpOPR69v3dFGWEl_qsmMlwaiVSK8S7VKC_7S_W1auwuXnoFf0W9n3B17Ee3iz6phy4xsN__xgPNLMkJA2uPk
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1102
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_hm=Y-Hu--n9MJAiDOd087MvRgAABIYAAAIB&google_nid=index&google_push=Aa02lx93gsEommvPgASwnoHqEuQZY6j5Eg6aj...

170 B
232 B

81ms
79ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_hm=Y-Hu--n9MJAiDOd087MvRgAABIYAAAIB&google_nid=index&google_push=Aa02lx93gsEommvPgASwnoHqEuQZY6j5Eg6ajJq8r0XNyFyjb8_ez1O2zwSusnw_CAv8qP7guESvZ5D0V9Yy8B654pwc8YGZK_a3VDzmhqCZxVshYaPlThizkGZp6upMOrUJkAscT98G3SMg

Requested by

Host: mir23.online
URL: http://mir23.online/

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DB2ExfkL%2B0avvyv0TCCxExV%2BLqniZf0uxaezuClozkL5gYZR1alq%2FPjO2%2B1tsURpc20TqLlQIeF9GhGcasCUJksbfA6fdaY2GFxVRkCK89cekk7Qkg2BWh0ZBJowe9zRw%2FldAI%2B%2Bs1cBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_hm=Y-Hu--n9MJAiDOd087MvRgAABIYAAAIB&google_nid=index&google_push=Aa02lx93gsEommvPgASwnoHqEuQZY6j5Eg6ajJq8r0XNyFyjb8_ez1O2zwSusnw_CAv8qP7guESvZ5D0V9Yy8B654pwc8YGZK_a3VDzmhqCZxVshYaPlThizkGZp6upMOrUJkAscT98G3SMg
cache-control: no-cache
cf-ray: 795a0d44b9d05c62-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1102 0
40 B 77ms
76ms Image
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lexr_vIRnFBt4QhpD8tXDX1M55kiBJ22vKKDLyWuHggxtTiP8_-vXmQFiNPqz-Btx1WqWj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 css
fonts.googleapis.com/ Frame 76C4 6 KB
672 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 06:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 04:30:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 06:26:03 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 76C4 2 KB
765 B 45ms
44ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:48:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 76C4 0
0 88ms
88ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaPc--u7hY-uqJt_BmLAP2saxqAfdq7uRbKm9rL2aCt2Mp72tAhABIND18VBglcKmgrAHoAH18r3PA8gBCagDAcgDywSqBOwBT9AnRqN4iXR_Kw0M5EUxtKXvRT4CmJW7r4LVminZyuw4Qjmcj3cPcl6ENAe_-KTZqOLt6_PvcPanUpTfinJtCi_IE1ZQdPKhaH_fChN-e_WXU8UEjwQzvbjD6bcxY7YN2226SD2YhwjWhha13zXqA02-o2t-KFqm_YLSIlzNy7oNZ-i9ip57ruPnupQl_NajqSALgJ8lL7_UO_z_TIRN8AlY5rSNWgeFupuwwuYlEGc154MJTcMLxvFEzi5PKuULm8GKbsZU_8KGOtuonFv15gRptQlas9XEFjpyTJNXErgWzGv3dkKBkE1fhGvABNSpmZCxAZIFBAgEGAGSBQQIBRgEoAYugAfzjMIwqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5dYC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMLiBQD0BUBmBYBgBcBshccChoIABIUcHViLTU5MzQwMzkyNDc0MTIyMDIYAA&sigh=nnSHyGMTyPs&uach_m=[UACH]&cid=CAQSPADUE5ymKOBmGAhDfPATZ-DjI2vLdEW6wzQN_rXtCbHw1_JigRW2OwDi0kKpRSltugkU56f_VCGMzwVMoxgB&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Feb 2023 06:26:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/ Frame 76C4 22 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9012
x-xss-protection: 0
server: cafe
etag: 10578598109654303351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:45:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 76C4 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:44:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 76C4 18 KB
7 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:44:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 00:44:32 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 76C4 0
0 47ms
47ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbXWeHJ0lGMyCPM8EEVq5NR-uOFP7UbEJI-fLkEPgdhXL5GnafkOP18crBHnlcikrRwBxPogZO0A9h5I1mmYCwq0Tagw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 76C4 157 KB
48 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 06:26:03 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 76C4 33 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 06:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 06 May 2023 15:32:16 GMT

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame AEE0 36 KB
14 KB 52ms
45ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 18:42:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 18:42:49 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16122196167920385807/ Frame 76C4 10 KB
10 KB 48ms
41ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16122196167920385807/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

004447a3045e5d1f637f97c14dd2693fc78dc0a1ef822fd5230ffb9dcf87034d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 13:42:36 GMT
x-content-type-options: nosniff
age: 233007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10210
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 10:19:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Feb 2024 13:42:36 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/7005194109158272887/ Frame 76C4 11 KB
11 KB 52ms
47ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7005194109158272887/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d50f4089ab3d289ffa59964ab498a942963625a8afbb51f69d808f5bda7c4752

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 01:54:00 GMT
x-content-type-options: nosniff
age: 102723
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11732
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 10:54:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 06 Feb 2024 01:54:00 GMT

GET
DATA 200
OK truncated
/ Frame 76C4 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 30B1 42 B
174 B 80ms
77ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshDKq8qh2S8LpTNgSP4D0yVkPUHzbqYL1ZmiTQfEQPbXqsYaqBDETTVB_rIS8A8wnc3G6FSYYIZdO7qx7dp49OBX_BKCrQX_XGe0HccUpSq1QRxwVhAAdRXC2e4TFsS0H8_B2EWg&sai=AMfl-YQuDfDUbalSkjztglPYf4Alkgnz_1_IMHpji1ADW90uLpP1H-c9JXKB6_xzUXiF81BT84T44Yy8lGYc&sig=Cg0ArKJSzK5D9OArjF0XEAE&cid=CAQSGwDUE5ymJc4F2Mj12j1BOLw-xVvIgsXQUQKNmxgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2767623100&rs=2&la=1&cr=0&vs=4&r=v&rst=1675751161690&rpt=963&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0ADB 1 KB
643 B 44ms
43ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56648
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:41:55 GMT
etag: 48472445140208031
expires: Tue, 07 Feb 2023 14:41:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 76C4 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20f04a403f02175635c342c6694a2816cd4a2cb0e989511e4d6bc7d8b93cd679

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0ADB
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN-wk0YKe6GSmBMctY8xgHQ&google_cver=1&google_push=Aa02lx8lHA1kMLPe8z4vO33wGz8hzLEhjiRfoDLKE3uCtLn3lv4wyJkByv...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8lHA1kMLPe8z4vO33wGz8hzLEhjiRfoDLKE3uCtLn3lv4wyJkByv4_LMNDCGYDM8hGfBA2-NpnJiy53I39loPjIoQBGi_x&google_hm=XPBAAaL6aM76...

170 B
188 B

112ms
79ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8lHA1kMLPe8z4vO33wGz8hzLEhjiRfoDLKE3uCtLn3lv4wyJkByv4_LMNDCGYDM8hGfBA2-NpnJiy53I39loPjIoQBGi_x&google_hm=XPBAAaL6aM76sSfC2sm2Dg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8lHA1kMLPe8z4vO33wGz8hzLEhjiRfoDLKE3uCtLn3lv4wyJkByv4_LMNDCGYDM8hGfBA2-NpnJiy53I39loPjIoQBGi_x&google_hm=XPBAAaL6aM76sSfC2sm2Dg
pragma: no-cache
date: Tue, 07 Feb 2023 06:26:03 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0ADB
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx8Fdzia...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx8Fdzia...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMDcwNjI2MDQwMDA3NTQxMTczODA0Nw%3D%3D&google_push=Aa02lx8Fdzia-ePnjBDEAzN56xnzKG5utWBGQUXGRuXO2cvhYgNNoTZxQrHeEE0kLdu5-g...

170 B
188 B

77ms
76ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMDcwNjI2MDQwMDA3NTQxMTczODA0Nw%3D%3D&google_push=Aa02lx8Fdzia-ePnjBDEAzN56xnzKG5utWBGQUXGRuXO2cvhYgNNoTZxQrHeEE0kLdu5-gtAfe1BE53ukDTxc1VkrrwrAAqaLETx

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMDcwNjI2MDQwMDA3NTQxMTczODA0Nw%3D%3D&google_push=Aa02lx8Fdzia-ePnjBDEAzN56xnzKG5utWBGQUXGRuXO2cvhYgNNoTZxQrHeEE0kLdu5-gtAfe1BE53ukDTxc1VkrrwrAAqaLETx
pragma: no-cache
date: Tue, 07 Feb 2023 06:26:04 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Tue, 07 Feb 2023 06:26:04 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 0ADB 43 B
64 B 102ms
100ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECSVROVTWx8h1mHPXkWFtso&google_cver=1&google_push=Aa02lx-JAPTzShmz-gppyZP9sUpb-oLCtH0bfm-s38LH4196Jfea_UW3oGIiqlO_gkS1IVKl_8JE-U2vzOk_x6SnhrVdRADDVMo_
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:03 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 2sel2ed04de2uoma8siv6go2d3e54g14

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0ADB
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bieg6N-ORD6YL8aO59E3LQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

111ms
79ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bieg6N-ORD6YL8aO59E3LQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-XXbodtxqZs1EOuGJH4c_5fZiT9AdpH-u6z-N4pV3C66QauyDFtlAwn4Urh36wXvoH_ak14uY5lPFb5bFOBf4fGAOY4Rw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bieg6N-ORD6YL8aO59E3LQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-XXbodtxqZs1EOuGJH4c_5fZiT9AdpH-u6z-N4pV3C66QauyDFtlAwn4Urh36wXvoH_ak14uY5lPFb5bFOBf4fGAOY4Rw
date: Tue, 07 Feb 2023 06:26:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0ADB
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECxhkEBJAXcbxWd3KkMbZgg&google_cver=1&google_push=Aa02lx-A43D4CnzwRaxrTg92OEyMCmIQj38sCme98FJKkMVlIFM12D2bxFRMFbeeL0FkesSpB1-...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERUVVo1Q0otMVktRENKTg==&google_push=Aa02lx-A43D4CnzwRaxrTg92OEyMCmIQj38sCme98FJKkMVlIFM12D2bxFRMFbeeL0FkesSpB1-VJyZJ89la7CClhnVrrBU6U5Ex

170 B
188 B

138ms
75ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERUVVo1Q0otMVktRENKTg==&google_push=Aa02lx-A43D4CnzwRaxrTg92OEyMCmIQj38sCme98FJKkMVlIFM12D2bxFRMFbeeL0FkesSpB1-VJyZJ89la7CClhnVrrBU6U5Ex

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERUVVo1Q0otMVktRENKTg==&google_push=Aa02lx-A43D4CnzwRaxrTg92OEyMCmIQj38sCme98FJKkMVlIFM12D2bxFRMFbeeL0FkesSpB1-VJyZJ89la7CClhnVrrBU6U5Ex
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0ADB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_hm=Y-Hu--n9MJAiDOd087MvRgAABIYAAAIB&google_nid=index&google_push=Aa02lx9vFsuIOmGsh8DttjVdw31NOau_mA-l1...

170 B
188 B

97ms
76ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_hm=Y-Hu--n9MJAiDOd087MvRgAABIYAAAIB&google_nid=index&google_push=Aa02lx9vFsuIOmGsh8DttjVdw31NOau_mA-l1itBTvz5pNEWSxXB-sAHbF9wPRaYl8p3HMAF8zsbUpQ3R54k-cL-vC6PLv-MED9X

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2K14HJO13eK6is2tIy3gG02J9xBUnCLvNn%2Blz%2BGTwcKorVAHk6S0Yi4ge%2FAu4GnZhB3xJLUd7EU323%2BXBBCcWImruz5%2Bn1sP4e8F4CsvsSUZbKX5sGXrU6SgjCRZYbSqO5fFsYT1j3YIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByP9Zh1aZ8VkqRI5BJc2KQ&google_hm=Y-Hu--n9MJAiDOd087MvRgAABIYAAAIB&google_nid=index&google_push=Aa02lx9vFsuIOmGsh8DttjVdw31NOau_mA-l1itBTvz5pNEWSxXB-sAHbF9wPRaYl8p3HMAF8zsbUpQ3R54k-cL-vC6PLv-MED9X
cache-control: no-cache
cf-ray: 795a0d461f42366b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 0ADB 43 B
297 B 303ms
47ms Image
image/gif 2a05:d01c:1d8:8100:e1bd:7041:688d:fd77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEB-0terel8RbULnsjrBPfZU&google_cver=1&google_push=Aa02lx8RCGgQN5n0dWgoch56BIGjS_lDzT4VL6rAgbyWEjTr_R3nIcK1nHNf0lQwEYJtIjdoOwivKggLkqGKwhuf-JG74WJHwWYH
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:e1bd:7041:688d:fd77 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Feb 2023 06:26:04 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0ADB 0
12 B 102ms
101ms Image
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IUo0qKmaOaL3zJb7-pLeQA_Pl98QJrMjCung00_w0vvNO24PPUnCB9QNEd-e8POAEPv-3L

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 76C4 15 KB
16 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 16:44:52 GMT
x-content-type-options: nosniff
age: 49271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 16:44:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 76C4 15 KB
15 KB 76ms
75ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 20:40:44 GMT
x-content-type-options: nosniff
age: 294319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 20:40:44 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 55ms
55ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230202&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4dc0eeb98c9cfe1db52914d2a13fc0f1b3cd522d1cc33b5e76554eefcb76b71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11278
x-xss-protection: 0

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame C920 36 KB
14 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 18:42:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 18:42:49 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 76C4 63 KB
24 KB 154ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5934039247412202&output=html&h=280&adk=2140404406&adf=2608156387&pi=t.aa~a.1377289277~rp.3&w=353&fwrn=4&fwrnh=100&lmt=1675751162&rafmt=1&to=qs&pwprc=8715166976&format=353x280&url=http%3A%2F%2Fmir23.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675751162554&bpp=1&bdt=1866&idt=1&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da555731f600f139f-22eeaa2ca4db0077%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw&gpic=UID%3D00000bb136794a84%3AT%3D1675751161%3ART%3D1675751161%3AS%3DALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw&prev_fmts=0x0%2C1200x280%2C353x280%2C353x280&nras=5&correlator=6432416050169&frm=20&pv=1&ga_vid=1419573672.1675751162&ga_sid=1675751162&ga_hid=2068749725&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=1988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071886&oid=2&psts=AD37Y7soR36zyYe61Uh7PNCfkX8Eo41iDPBCfce0jlTeicgZhe1x8crVxRizt5NrxiAi8gmEYQlthSlTpkjxqStEgA&pvsid=374323713679660&tmod=1523098268&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=r85ojdo123&p=http%3A//mir23.online&dtd=35

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

953ab4f0b3453770aa2a962abe82f4b056a59a7f2bb402aab67765a32558c7ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2415
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23967
x-xss-protection: 0
server: cafe
etag: 6286698686986819286
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 06:45:49 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 06:26:04 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 189C 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjOsjF3yT1vVllrVMym25X_n_w9Oe0MNMFFgjRpw7AyqPfQThK6jTYwasABKPEOOwSsHhHm8Pe8k8UOM7QANsWYpm-aDf4cpLXn5Y8-DX_Esvy4JYCZHkevJFUhAw6p_6skgnnHQ&sai=AMfl-YQbg-lzw-KxZFxGulESEIYBtO1FHgv70lP7garGtaMTwgtdfDsW6TDiAZloYzzZHvxERxrClVPgVgJf&sig=Cg0ArKJSzHvQtGKSTUv_EAE&cid=CAQSGwDUE5ymrMN-aJ2qbteAOa_5orDSWCxwHGexuxgB&id=lidar2&mcvt=1062&p=0,0,124,1005&mtos=162,807,1062,1143,1143&tos=162,645,255,81,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1675751162682&rpt=295&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1FA8 13 KB
5 KB 45ms
40ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mir23.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 28132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 22:37:12 GMT
expires: Tue, 06 Feb 2024 22:37:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D4C4 783 B
537 B 50ms
49ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b83accd19bffcea2b6f8a131d7cd7a4989c1357a38540bf5d52806f887f7f424

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0Cr5Id35G-OT8B_qIFkkGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://mir23.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-0Cr5Id35G-OT8B_qIFkkGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 06:26:04 GMT
expires: Tue, 07 Feb 2023 06:26:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 76C4 0
20 B 77ms
77ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=urind

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 76C4 0
234 B 988ms
283ms Ping
image/gif 2404:6800:4005:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~ldtuz5lg&e=21068133&ctx=2&gqid=-u7hY-nHJea0nsEP5ta0wAI&qqid=COuPn8bjgv0CFd8gBgAdWmMMdQ&met.4=fb.ub~lb.vv~cmrload.yp~ol.12c~bdt.-1gu~bpp.-z~idt.-z~dtd.-1~dt.-10&met.3=733.xq~748.y5~742.xq_i~555.yk~739.yk~556.yk~738.129~749.129_3~735.12p_2~113.187_a~112.186_c&met.1=1.ldtuz4da~6.1~7.1~8.1~9.1~10.1~12.2~13.ta~14.tn~15.td~16.yk~17.yk~18.yl~19.11q~20.11q~21.12d&met.7=CAUQCBgBMKsIOOQKaAFwnQh43I0CgAGwiwKIAf_eBbABAbgBAw~CBIQBxgBIKkIKKkIMN0IODRoqghw3Ah4sAeAAYQFiAGWL6oBFAoSUm9ib3RvOjMwMCw0MDAsNzAwsAEBuAED~CBwQChgBIKoIKKoIMNgIOC5oqghw1wh4jgiAAeIFiAGRDLABAbgBAw~CCEQBBgBIMkIKMkIMKIJOFloyQhwoQl4rAKwAQG4AQM~CAkQChgBIMoIKMoIMPMIOCpoyghw8Qh44EiAAbRGiAGQswGwAQG4AQM~CB4QChgBIMoIKMoIMPkIOC9oyghw8gh4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBIMoIKMoIMPgIOC5oywhw8wh4iz6AAd87iAGXkAGwAQG4AQM~CBsQBhgBIMoIKMoIMPoIODA~CCoQChgBIMsIKMsIMI4JOEM~CBsQChgBIMsIKMsIMPkIOC4~CBcQAhgBIM8IKM8IMIUJODdo2AhwgAl4jlKAAeJPiAHiT7ABAbgBAw~CBcQAhgBIM8IKM8IMIsJODxo2Ahwhwl4gF6AAdRbiAHUW7ABAbgBAw~CBwQBRgBIPgIKPgIMKkJODFo_AhwqAl4lgeAAeoEiAGWCbABAbgBAw~CCgQChgBIOsKKOsKMK8MOMQBQO8KSPsKUPsKWN4LYKgLaOELcIgMeMu9AYABn7sBiAHZ-wOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 06:26:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D4C4 0
0 79ms
78ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230202&jk=374323713679660&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1FA8 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 18:42:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 18:42:49 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1FA8 0
10 B 63ms
63ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-cKPbQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 06:26:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
75ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230202&jk=374323713679660&bg=!QkGlQQXNAAaq5O5FiuQ7ACkAdvg8Wv3B4SwKnt7oeuHWGRpSlnblF0VaOH7hFuE0e5nSD1LoZCtvPgIAAACKUgAAAAhoAQcKAOTb4HaU9IyYB3snGQkCPVyPPSuGBdhc_S1nl0tiVbrc9hQ7A-UnCXEfE2gbtb47TQov1vVKpUtbZR-TtojArnyxhJcZlXA7xQ7-W9DPd_kNpUjvXK3A2mvR_mPrecWeF3AcOB-jGRxIr100vEVKwIdA8i4oceuf9PUplTwO96mcMiqv0MuZiUyIeezrYznQzoKB0nBB75GiL2J4miKDtOs0fllfNJZAyksJZaJCjpwxKoOs5YSFzGM0ayj66L-OucuYOU_r9sh103mOOXIhj3J8YxgWiSxt0zQgGYqdsFxS5AcWjxCZApsbM5XpIHa01paGlmXx80eLaWL8ooi43_k27Qw6sLD3D8sQ9ep7riT2Cz5DpPYzzYl3JqSM5XzUM_YhkvbWLrGhwFCzidi7ivqu3-F9R_uXihY-2xPOv4xuvErpWZ113XUz3udNbNb4CZi5-ROyuVpPBoIBAO100buNuvily1mN9DAjpxXbOwppVlYtz_uP72-rmI24ogqm7Nz_fJ5YlH_j_iYonGwneiHa9Lqf3kB0npAn-zgCS5Fo5GX9-6yqfs9xu--9mi7lokY1XIhNI_F2fsxTLU_wFesDMX-pOHPV73AbztM_oXd4Hfeb7arvsc1ex2B1fd8BzEHXEaotm9NztTeGlajEvRcQD_-S_aQ6Vc0Vpmpc0Co3hv-gUAfVc7xr3WSnYdZDz7DO9-5zCJpHgLTVQW4tDmFZmfqVrIBGwlKjhkC81jRfwUJbIdqm0OwsVGHXci3auVtN18khVZdep6j5Ti_BiVW8wusm_r_4uqTtBUo7x0QaB6ES1r0WEU36_MWnVAMuwERYZga7P0UTEda_0mhRBHg0OWK3UtC47FW8XBhM7i4PPrJMn5A6fP-S6FsmXt1doNLQIx1yLMR0eibD52j1tFW6ka029ERu3Gc913a-XsPwvbtsGb6wORHwM7kOyaR4ovDxrynsmtnQoUGc8Rnr93kEs6RH3XJxq3P1jki2yLaV9vmYn0rMFFCue53JOSHbXq3nxoq8rMJn0OQ3-pqaHFBinJWJD59xb1rvGu3D9ZvCVGl4fWa-5rBtbbc76yNficczszVyD85eSyj4INL760lSY_FdN66cWXHNFo5thYh3uATqTLDeEnjRQz68tEju-e_WIep0C5Gb-o22eFp48W1HXxsdo3FMy-78S-HysreMICPo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mir23.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDGN-7kzhUb6OhvlMfF2jZo&google_cver=1&google_push=Aa02lx8MrmWfSx9zTaJh52LSz3ODO_0rdycNXdgaTwPdbRBGXH4qeDVBpTyuKHltxnffXozAdjzsj_Vnheo4otc_MolAwlIuqsQA8S-ogbz1ozTrGPkRoQdWIMftZUJneM4b2k_b3E1tp6KzTQ

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mir23.online/	1970-01-20 19:05:11	Name: _ga Value: GA1.2.1419573672.1675751162
.mir23.online/	1970-01-20 09:30:37	Name: _gid Value: GA1.2.1631027900.1675751162
.mir23.online/	1970-01-20 09:29:11	Name: _gat_gtag_UA_212562185_1 Value: 1
.mir23.online/	1970-01-20 18:50:47	Name: __gads Value: ID=a555731f600f139f-22eeaa2ca4db0077:T=1675751161:RT=1675751161:S=ALNI_MaAeKRXc27y-JamUOi9WMAZYh6_Dw
.mir23.online/	1970-01-20 18:50:47	Name: __gpi Value: UID=00000bb136794a84:T=1675751161:RT=1675751161:S=ALNI_MbRDK-Zhu3wqruizAmZMzYb-XAdNw
.doubleclick.net/	1970-01-20 18:50:47	Name: IDE Value: AHWqTUkoylRv4ZYn8bClbAOwND5O2u4WISQEP92CpCiTjzAoEeaFW_PVB-P7TyxPbPc
.doubleclick.net/	1970-01-20 09:29:12	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 09:29:14	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 11:38:47	Name: d Value: EC4BCQGeKIEA
.quantserve.com/	1970-01-20 18:59:25	Name: mc Value: 63e1eefb-83436-20e07-f792c
.pubmatic.com/	1970-01-20 09:30:37	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 18:14:47	Name: CMID Value: Y.Hu..n9MJAiDOd087MvRgAA
.casalemedia.com/	1970-01-20 11:38:47	Name: CMPS Value: 1158
.casalemedia.com/	1970-01-20 11:38:47	Name: CMPRO Value: 1158
.pubmatic.com/	1970-01-20 18:14:47	Name: KADUSERCOOKIE Value: 6E27A0E8-DF8E-443E-982F-C68EE7D1372D
.agkn.com/	1970-01-20 18:14:47	Name: ab Value: 0001%3AbWD3AOG7dYgZGRETdJd3aKIfPxWRixBN
.agkn.com/	1970-01-20 18:14:47	Name: u Value: C\|0CEArdKt7K3SrewAAAAAAAQ13AQCAAQpAAAAAAA
.e.dlx.addthis.com/	1970-01-20 18:59:25	Name: na_tc Value: Y
.innovid.com/	1970-01-20 11:38:47	Name: uuid Value: ba4f1aea-6396-4ed6-8988-54d0762e290e-20230207 01:26:04
.addthis.com/	1970-01-20 18:59:25	Name: na_tc Value: Y
.dlx.addthis.com/	1970-01-20 10:12:23	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 10:12:23	Name: na_sr Value: 20230207
.dlx.addthis.com/	1970-01-20 09:29:11	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 10:12:23	Name: na_sc_e Value: 0
.addthis.com/	1970-01-20 18:59:25	Name: na_id Value: 2023020706260400075411738047
.addthis.com/	1970-01-20 18:59:25	Name: uid Value: 63e1eefccff45302
.addthis.com/	1970-01-20 18:59:25	Name: ouid Value: 63e1eefc0001f2496d52741dffdf0d8ae583d6b186fc04ae21ac

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDGN-7kzhUb6OhvlMfF2jZo&google_cver=1&google_push=Aa02lx8MrmWfSx9zTaJh52LSz3ODO_0rdycNXdgaTwPdbRBGXH4qeDVBpTyuKHltxnffXozAdjzsj_Vnheo4otc_MolAwlIuqsQA8S-ogbz1ozTrGPkRoQdWIMftZUJneM4b2k_b3E1tp6KzTQ Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAa02lx8HW91Od0hfVIKBudfu0H_aOcU2n-G584e--_YGC2aqNmiThJQpV0k0-sJHUVOM4MW4Hp_I0POzZvwIwbGjhslkUxcHpElEcq-p9vJ_0OYQao5L0mKeoDNJ3Fa7GqFd3CH5YKvUBuEr&google_gid=CAESEHh1uT6algUjgm8jzJA-QuM&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-5934039247412202&fa=4&ifi=8&uci=a!8&btvi=5&xpc=OVhAwpoEyz&p=http%3A//mir23.online Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-5934039247412202&fa=1&ifi=9&uci=a!9&btvi=6&xpc=2huIKQFQVf&p=http%3A//mir23.online Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d.agkn.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
mir23.online
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
142.251.208.162
172.64.154.237
185.64.190.78
2001:4860:4802:36::178
23.203.125.189
2404:6800:4005:81d::2003
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:801::2002
2a00:1450:4001:808::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:400d:802::2002
2a05:d01c:1d8:8100:e1bd:7041:688d:fd77
35.157.212.215
35.227.252.103
35.244.174.68
69.173.144.138
87.236.16.150
004447a3045e5d1f637f97c14dd2693fc78dc0a1ef822fd5230ffb9dcf87034d
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0ae537038d179baff8fefc17c29d7ae8ad6f5c256687b56ca732a505c3c7c91b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c853c2cc205bafe5d893017b6a03a2acf0f04a11b85f80605514cf0ae540fe6
0e60248025418d096dfc031b77ee927ea0530db6a6cc7ab2152591ca75b31ec0
12a26c0e5f4642b12b64cebf5b194cd46d4905210367a6cdf3e3824bff6318eb
165bbe7b874f7d02147c222e949dfe7fd5e67f52b271fe67d56f95e10b9b89b2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19cbff38d0e9e2776d1227fb3c83d4fc4a9fe1b7a5e10c3f0dab30484a9f17c2
19db6436d90744a6b274941d3eb7e70bbac8d89b957bb1a1d2b52a01736bace6
1a516ce5eba0eded4521d090856aa5a355ed853edcdd63cded6bad82d747faf5
1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923
20f04a403f02175635c342c6694a2816cd4a2cb0e989511e4d6bc7d8b93cd679
251e946fb0ebfc2dd20d8e40bc93163ad4e56d37e6984579b68fcf23fe054630
29f204a4df63121a80863a67cf7e7e09f05302b6a99747bbea8c645bd1f5b507
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
2f2dcbb668d15241a665c21cb1f9598c256714b45554ea43ee4e27c8b4012455
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33c75dc4676155be31fb7085b8b0a8aeaba553164586ed99858d8ab4426e0590
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3ea538dfe3f28e017d4e9a739ef1923f0e42a37d17743050b1b4066d28746357
4630940a1b12ae3868da259b5d2ca4f85c580f5b59628065ce4ca09fe08453a4
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
47969e9d1dabebe890c473288630ff466d05263c8a1b2b5071fdcf27fa55b109
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51b19b540f8bd09e6aa2444bad61ed48d5b5d8d523a3c932783eb991e29161fe
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e747eec6fbe395fea4971c42d5beb68b37d78cdac91051acc312514c43f591b
60a0b7dc20fd8bc1f16916be2b526fcf6a136f21d3a281607963fd7d4efc9669
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
675575eb734b5114526cdc1cc9116bea0e2189e9351700944375af81e226f62d
69da89ad03cea40a86e1d1e182f7e1f6a494e3c3783ee1056f86879af7ea3e35
6a18c57d042582f5a9866ff9e5a303225671cb8b2dd9bef1da9c67d8890bbfb1
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7d8e6f68aff348d59c6eec417a95138c680e6bb8ea47f5df5c969e624b2550
6d4c9d37a30eec75e70a421a389170b3284169bbbce9e3e5b6a718ee23dfcf9f
713f3701e9bf8ac47f92652a884ab3ea9b75cb8b683237da421d6b1cc8bf5c70
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
77efe0996aa57cbec1f507ad09aaca04b20dbe2c9c0892ed8efe84eb176381e6
79d81675fa8c91f4dc20d2b7e4062979e0255efee595ff0e35bc1c82d8031779
803785eac6016439484ba3196ba6c71ee97ff9eb35e7d6b2efb017d9cdd2eb00
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
953ab4f0b3453770aa2a962abe82f4b056a59a7f2bb402aab67765a32558c7ff
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3f48bf4810d0034b5d42683cdc927c5468dbd59b4694ea892fd66b705d52ed3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a9ca98f321855b51061f3aae017bb91730d2562df2b0265da9e9378b1f2a5d
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b42e0827a57a65ce0a7b07269ff4a57fe2ed4a8fc05edf93bad67846bb8e402e
b6314e9ab1b7b695250352375d8f032a3b6a525602f25f744938ff8655e22338
b83accd19bffcea2b6f8a131d7cd7a4989c1357a38540bf5d52806f887f7f424
bd33643097ad7c64b35d4fcf4def545367f7d27a5695036d8a5524b758179168
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c3fa146a13b54316925dd21acf9d4e5ffd2665e4b10a8140c4c2aa15074aae0b
c6350d7d8444acf5f7858c2825770616010f56e3f8d965f52126cb81027ad16c
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
c9a8405d7a339fd94893a5e4ba01efaaa8aa8742eace88dd3fbb8f2415605519
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cded31790e63d3ae6fd29c76f7785f39763ef330fba7a3daa77801546de27a0e
d0e8faa5103c0827a0e33a2fca30961573bceda02380a327f7d744a7aaf9e107
d4f22b7be5b41ec10d826c0621f4c2afcbac27b9d248e361fc895a0a50f3cd3c
d50f4089ab3d289ffa59964ab498a942963625a8afbb51f69d808f5bda7c4752
d9a1123e473aa0db0fb8f53966c9b9698e54c586a136c34bea757516e4d0865a
dd9fdf762387b6a692692caad42e2f6fa53f62114250fde247e21651c986f7a8
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4dc0eeb98c9cfe1db52914d2a13fc0f1b3cd522d1cc33b5e76554eefcb76b71
e5bf142e0b3d586ccd9af4704d9a9ec48b4ff9777eb1d694675a4d927765e928
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
ea9c3106d56ff8e65472803baed19ca6bec1300831e388143b64059924a7f4e4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef453687d0062dc62c1022629c204134e56ce42ae26a571dfe1abd05347d6a46
f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f966f939b2b6e7a9feba7efb7552e7080b1f5f8b4c3728326e8f082f7f98aaa2
fb83f3a89bf4c91924b4196381c0bcf763d8d2baf5b4212b7f5d09b52a21f00d
fcc49bcfb7c0ca41c3fe8b6e6af6a47655ea470b18d757056802308b56f1b704

mir23.online Open in urlscan Pro 87.236.16.150 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

195 Requests

83 %HTTPS

65 %IPv6

21 Domains

27 Subdomains

22 IPs

7 Countries

2940 kBTransfer

6120 kBSize

27 Cookies

2 Outgoing links

Redirected requests

195 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mir23.online Open in urlscan Pro
87.236.16.150 Public Scan

Screenshot
Live screenshot

Full Image

195
Requests

83 %
HTTPS

65 %
IPv6

21
Domains

27
Subdomains

22
IPs

7
Countries

2940 kB
Transfer

6120 kB
Size

27
Cookies

195 HTTP transactions
8 data transactions