urlscan.io logo urlscan.io
SecurityTrails logo

mirror-h.org Open in urlscan Pro
2606:4700:3030::6818:6f75  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mirror-h.org/
Effective URL: https://mirror-h.org/
Submission: On October 16 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 47 HTTP transactions. The main IP is 2606:4700:3030::6818:6f75, located in United States and belongs to CLOUDFLARENET, US. The main domain is mirror-h.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2020. Valid for: a year.
This is the only time mirror-h.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

15    2606:4700:3030::6818:6f75 (United States)

ASN13335 (CLOUDFLARENET, US)
mirror-h.org
2    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
fonts.googleapis.com
1    2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
1    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
1    2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.tawk.to
7    2a00:1450:4009:818::2002 (London, United Kingdom)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
7    2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)
static-v.tawk.to
va.tawk.to
vsb78.tawk.to
2    2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
2    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
15 mirror-h.org 1 redirects mirror-h.org
ajax.cloudflare.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 vsb78.tawk.to embed.tawk.to
4 pagead2.googlesyndication.com ajax.cloudflare.com
pagead2.googlesyndication.com
3 cdn.jsdelivr.net embed.tawk.to
3 fonts.googleapis.com embed.tawk.to
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 va.tawk.to embed.tawk.to
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 static-v.tawk.to
1 embed.tawk.to mirror-h.org
1 www.googletagmanager.com ajax.cloudflare.com
1 ajax.cloudflare.com mirror-h.org
1 ajax.googleapis.com mirror-h.org
47 17

This site contains links to these domains. Also see Links.

Domain
www.suleymanakyildiz.com.tr
www.turkhacks.com
facebook.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-09 -
2021-07-09		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-11 -
2022-08-16		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-05 -
2021-04-17		 6 months crt.sh
*.google.de
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://mirror-h.org/
Frame ID: CDA7E1C7148DA0751DD583316D5B14E0
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/zrt_lookup.html
Frame ID: 3E0A6A852E9BEAB1EF20B21B6CE81C5D
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 49F769147FDACC484B9A1286F539E64D
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 1092BCB6D04DD942E11F47CA02C2248A
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 66FBFC0CE4DD564ABDAC180EA69DC025
Requests: 4 HTTP requests in this frame

Frame: https://static-v.tawk.to/a-v3/images/bubbles/168-r-br.svg
Frame ID: BDED663E520BC04AC2D76A72200F6968
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2872749209857740&output=html&h=90&slotname=6351787879&adk=3242498533&adf=2913177901&pi=t.ma~as.6351787879&w=728&lmt=1602853917&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fmirror-h.org%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602853916888&bpp=14&bdt=598&idt=133&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6772093665928&frm=20&pv=2&ga_vid=1425941616.1602853917&ga_sid=1602853917&ga_hid=2116620102&ga_fc=0&iag=0&icsg=10625679&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726949%2C21067493&oid=3&pvsid=329832709577890&pem=268&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ptQgrKK7E6&p=https%3A//mirror-h.org&dtd=153
Frame ID: B01829B3E6DF67E6DC9BC57C6F65D1CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2872749209857740&output=html&h=90&slotname=3174960191&adk=809364515&adf=1327086493&pi=t.ma~as.3174960191&w=377&lmt=1602853917&psa=0&guci=1.2.0.0.2.2.0.0&format=377x90&url=https%3A%2F%2Fmirror-h.org%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602853916902&bpp=4&bdt=612&idt=169&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6772093665928&frm=20&pv=1&ga_vid=1425941616.1602853917&ga_sid=1602853917&ga_hid=2116620102&ga_fc=0&iag=0&icsg=44180111&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=977&ady=129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726949%2C21067493&oid=3&pvsid=329832709577890&pem=268&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nbPfzok77x&p=https%3A//mirror-h.org&dtd=173
Frame ID: 759CBC22ADA4D8575E03E7B0A4DDCE04
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2872749209857740&output=html&h=280&slotname=2268292380&adk=4203921795&adf=3235933448&pi=t.ma~as.2268292380&w=1110&fwrn=4&fwrnh=100&lmt=1602853917&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1110x280&url=https%3A%2F%2Fmirror-h.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602853916906&bpp=1&bdt=616&idt=180&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C377x90&correlator=6772093665928&frm=20&pv=1&ga_vid=1425941616.1602853917&ga_sid=1602853917&ga_hid=2116620102&ga_fc=0&iag=0&icsg=44180111&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726949%2C21067493&oid=3&pvsid=329832709577890&pem=268&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4xeQuDAzJ2&p=https%3A//mirror-h.org&dtd=183
Frame ID: 2C1BEAC2B07F3FFCEC261878A90C004C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2872749209857740&output=html&adk=1812271804&adf=3025194257&lmt=1602853917&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmirror-h.org%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602853916929&bpp=1&bdt=639&idt=165&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C377x90%2C1110x280&nras=1&correlator=6772093665928&frm=20&pv=1&ga_vid=1425941616.1602853917&ga_sid=1602853917&ga_hid=2116620102&ga_fc=0&iag=0&icsg=176720446&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726949%2C21067493&oid=3&pvsid=329832709577890&pem=268&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=171
Frame ID: CB256E0C2671668CC97239B6BC3741B2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 9D408E03D1D0BE69678B2437DF02E86B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://mirror-h.org/ HTTP 301
    https://mirror-h.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/embed\.tawk\.to/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

47
Requests

100 %
HTTPS

100 %
IPv6

12
Domains

17
Subdomains

14
IPs

4
Countries

1073 kB
Transfer

2942 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mirror-h.org/ HTTP 301
    https://mirror-h.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mirror-h.org/
Redirect Chain
  • http://mirror-h.org/
  • https://mirror-h.org/
19 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mirror-h.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:6f75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.4
Resource Hash
a84625c99caada9712b528385faf9e5da3bc60c9f1b0a4c400261dacb6e030da

Request headers

:method
GET
:authority
mirror-h.org
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 16 Oct 2020 13:11:56 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d22ff6ce70699fdc768125b6fdceda0fe1602853916; expires=Sun, 15-Nov-20 13:11:56 GMT; path=/; domain=.mirror-h.org; HttpOnly; SameSite=Lax; Secure PHPSESSID=fu58sosa41ffm1balece7ot23e; path=/
x-powered-by
PHP/7.4.4
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
05d322e5ce0000c2f93734b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602853916"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5e32074fafb5c2f9-FRA
content-encoding
br

Redirect headers

Date
Fri, 16 Oct 2020 13:11:56 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Fri, 16 Oct 2020 14:11:56 GMT
Location
https://mirror-h.org/
cf-request-id
05d322e5880000dfadc4887000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602853916"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5e32074f4c27dfad-FRA
materialdesignicons.min.css
mirror-h.org/templates/css/ 		230 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mirror-h.org/templates/css/materialdesignicons.min.css
Requested by
Host: mirror-h.org
URL: https://mirror-h.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:6f75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b84e09c5a7c3462f1c09bd0f0422d108be6392a1dcf48248430d9f203907eb8

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1548
status
200
cf-request-id
05d322e6860000c2f942bbf000000001
last-modified
Sat, 09 May 2020 02:08:03 GMT
server
cloudflare
etag
W/"3976e-5eb61083-80458a6;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602853916"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
5e320750d9c3c2f9-FRA
expires
Thu, 15 Oct 2020 13:44:23 GMT
style.css
mirror-h.org/templates/css/ 		555 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mirror-h.org/templates/css/style.css
Requested by
Host: mirror-h.org
URL: https://mirror-h.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:6f75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83cb0e135456270dc21e95cc5f86efffbfbd1e1f2e77cd9b08cd35f9f8f2dda8

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
344304
cf-polished
origSize=642328
status
200
cf-request-id
05d322e6860000c2f9443ef000000001
last-modified
Tue, 12 May 2020 08:51:11 GMT
server
cloudflare
etag
W/"9cd18-5eba637f-8045e1c;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602853916"}],"group":"cf-nel","max_age":604800}
content-type
text/css
expires
Mon, 19 Oct 2020 13:33:32 GMT
cache-control
public, max-age=604800
cf-ray
5e320750d9c5c2f9-FRA
cf-bgj
minify
logo.png
mirror-h.org/templates/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mirror-h.org/templates/images/logo.png
Requested by
Host: mirror-h.org
URL: https://mirror-h.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:6f75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30acb57cbee444b375ae99eff7bee63bde6a5e37a9b9d43f36ca6a1d14a42dc

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:56 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1548
status
200
content-length
15423
cf-request-id
05d322e6890000c2f995b46000000001
last-modified
Sat, 16 Nov 2019 20:41:25 GMT
server
cloudflare
etag
"3c3f-5dd05ef5-1006e86f;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602853916"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5e320750d9cbc2f9-FRA
expires
Mon, 12 Oct 2020 13:03:03 GMT
US.png
mirror-h.org/templates/flags/ 		215 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mirror-h.org/templates/flags/US.png
Requested by
Host: mirror-h.org
URL: https://mirror-h.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:6f75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc54af6e5c8237200d49fd6a49061fffeb8a7217bb9000acd1c02039b65b22ba

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:56 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1530
status
200
content-length
215
cf-request-id
05d322e68d0000c2f995347000000001
last-modified
Sat, 16 Nov 2019 20:40:21 GMT
server
cloudflare
etag
"d7-5dd05eb5-a079b92;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602853916"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5e320750d9cec2f9-FRA
expires
Mon, 12 Oct 2020 17:06:47 GMT
TR.png
mirror-h.org/templates/flags/ 		463 B
620 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mirror-h.org/templates/flags/TR.png
Requested by
Host: mirror-h.org
URL: https://mirror-h.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:6f75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dde9ebaa44f6027c50ab4ebe6372c3f1656f12c7db00cdec8a447cb785fee93a

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:56 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1530
status
200
content-length
463
cf-request-id
05d322e68d0000c2f92d1fe000000001
last-modified
Sat, 16 Nov 2019 20:40:23 GMT
server
cloudflare
etag
"1cf-5dd05eb7-a079b8b;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602853916"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5e320750d9dac2f9-FRA
expires
Fri, 23 Oct 2020 12:46:26 GMT
FR.png
mirror-h.org/templates/flags/ 		142 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mirror-h.org/templates/flags/FR.png
Requested by
Host: mirror-h.org
URL: https://mirror-h.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:6f75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45e57f71db90cee6ebd54ed7bb28cc7fdcbd2f4592ade4998f2bc6458d997b3f

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:56 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1530
status
200
content-length
142
cf-request-id
05d322e68e0000c2f958098000000001
last-modified
Sat, 16 Nov 2019 20:40:59 GMT
server
cloudflare
etag
"8e-5dd05edb-a079a5c;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602853916"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5e320750d9dec2f9-FRA
expires
Fri, 23 Oct 2020 12:46:26 GMT
SG.png
mirror-h.org/templates/flags/ 		687 B
821 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mirror-h.org/templates/flags/SG.png
Requested by
Host: mirror-h.org
URL: https://mirror-h.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:6f75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
327ee0325d7fc6424fdee9487353eac1ccea73db53298dfae0dd0c48231b3baa

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:56 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1530
status
200
content-length
687
cf-request-id
05d322e68e0000c2f9689c3000000001
last-modified
Sat, 16 Nov 2019 20:40:29 GMT
server
cloudflare
etag
"2af-5dd05ebd-a079b72;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602853916"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5e320750d9e0c2f9-FRA
expires
Fri, 23 Oct 2020 12:46:26 GMT
ID.png
mirror-h.org/templates/flags/ 		139 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mirror-h.org/templates/flags/ID.png
Requested by
Host: mirror-h.org
URL: https://mirror-h.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:6f75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccecfd8d6955ec585cc23addeff613af78f182f20f520d263bfc682b95cf4b16

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:56 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1530
status
200
content-length
139
cf-request-id
05d322e6910000c2f93c374000000001
last-modified
Sat, 16 Nov 2019 20:40:52 GMT
server
cloudflare
etag
"8b-5dd05ed4-a079a74;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602853916"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5e320750d9e5c2f9-FRA
expires
Fri, 23 Oct 2020 12:46:26 GMT
RU.png
mirror-h.org/templates/flags/ 		137 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mirror-h.org/templates/flags/RU.png
Requested by
Host: mirror-h.org
URL: https://mirror-h.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:6f75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44aaee85b78b6bd07f861e4927f147f4ca8b00dc8766fd20ecc88aa612d06fcd

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:56 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
287899
status
200
content-length
137
cf-request-id
05d322e6920000c2f9b7055000000001
last-modified
Sat, 16 Nov 2019 20:40:30 GMT
server
cloudflare
etag
"89-5dd05ebe-a079b6b;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602853916"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5e320750d9e6c2f9-FRA
expires
Tue, 20 Oct 2020 05:13:37 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: mirror-h.org
URL: https://mirror-h.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 12:53:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1092
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Oct 2021 12:53:44 GMT
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: mirror-h.org
URL: https://mirror-h.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:56 GMT
content-encoding
gzip
vary
Accept-Encoding
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05d322e6970000d6f982308000000001
last-modified
Wed, 14 Oct 2020 13:37:19 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f86ff0f-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602853916"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
5e320750f9ffd6f9-FRA
expires
Sun, 18 Oct 2020 13:11:56 GMT
arka.jpg
mirror-h.org/templates/images/ 		210 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mirror-h.org/templates/images/arka.jpg
Requested by
Host: mirror-h.org
URL: https://mirror-h.org/templates/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:6f75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c53c984d03f8015ddd44f9789c11ced0e09fe86f691cf441585bdf1dfc8e4882

Request headers

Referer
https://mirror-h.org/templates/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:56 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6369
status
200
content-length
214757
cf-request-id
05d322e6d30000c2f9443f7000000001
last-modified
Sat, 16 Nov 2019 20:41:24 GMT
server
cloudflare
etag
"346e5-5dd05ef4-1006e86b;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602853916"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5e3207515acfc2f9-FRA
expires
Mon, 12 Oct 2020 13:03:03 GMT
materialdesignicons-webfont.woff2
mirror-h.org/templates/fonts/ 		276 KB
276 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mirror-h.org/templates/fonts/materialdesignicons-webfont.woff2?v=5.1.45
Requested by
Host: mirror-h.org
URL: https://mirror-h.org/templates/css/materialdesignicons.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:6f75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e06fcbdadc0b72cf9cf8477bb3b1f1dfe22b59abdae824ecbb34fa7fd75f2e9f

Request headers

Origin
https://mirror-h.org
Referer
https://mirror-h.org/templates/css/materialdesignicons.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:56 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
282384
cf-request-id
05d322e6e70000c2f90292d000000001
last-modified
Sat, 09 May 2020 02:08:01 GMT
server
cloudflare
etag
"44f10-5eb61081-26a1d040;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602853917"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5e3207517b11c2f9-FRA
expires
Fri, 23 Oct 2020 13:11:56 GMT
template.js
mirror-h.org/templates/js/ 		2 KB
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mirror-h.org/templates/js/template.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:6f75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f84678ed3e898eb7661a2f516be906787100d9cdbda2747e402695c497d9184

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
424676
cf-polished
origSize=3740
status
200
cf-request-id
05d322e7b90000c2f995b5f000000001
last-modified
Sat, 16 Nov 2019 20:41:19 GMT
server
cloudflare
etag
W/"e9c-5dd05eef-121659b1;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602853917"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
expires
Sun, 18 Oct 2020 15:14:00 GMT
cache-control
public, max-age=604800
cf-ray
5e320752cd72c2f9-FRA
cf-bgj
minify
jquery-3.4.1.min.js
mirror-h.org/templates/js/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mirror-h.org/templates/js/jquery-3.4.1.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:6f75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1530
status
200
cf-request-id
05d322e7b90000c2f92b15f000000001
last-modified
Sat, 16 Nov 2019 20:41:19 GMT
server
cloudflare
etag
W/"15851-5dd05eef-121659b0;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602853917"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
5e320752cd74c2f9-FRA
expires
Fri, 23 Oct 2020 12:46:26 GMT
js
www.googletagmanager.com/gtag/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137340134-2
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ae2f590b16186b7d21ab525363743665f9979daa9d8014f7391104f1876fcfbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:56 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37896
x-xss-protection
0
last-modified
Fri, 16 Oct 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Oct 2020 13:11:56 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		131 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10c0a5f290ccaa46aff0fb7061c865a96b5879fcc3a0f112b4d292b62f59348b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45748
x-xss-protection
0
server
cafe
etag
3045074480856053689
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 16 Oct 2020 13:11:56 GMT
default
embed.tawk.to/5c33786612db2461b16b1148/ 		510 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/5c33786612db2461b16b1148/default
Requested by
Host: mirror-h.org
URL: https://mirror-h.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548abcd569040be5bc15d2c7f9133d97ffaeabc933e1840c461ab660f5b1a401
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://mirror-h.org
Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
713
status
200
vary
Accept-Encoding
cf-request-id
05d322e8d900002c2e2193b000000001
server
cloudflare
etag
W/"fulls6942"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, s-maxage=3600
cf-ray
5e3207548b262c2e-FRA
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/ 		230 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:818::2002 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9387b372acec4b3b43903e7597b064818972267299879c050f584f625b122cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88670
x-xss-protection
0
server
cafe
etag
13373283986949850894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Oct 2020 13:11:56 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/ Frame 3E0A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201008/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mirror-h.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mirror-h.org/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Fri, 16 Oct 2020 03:28:22 GMT
expires
Fri, 30 Oct 2020 03:28:22 GMT
content-type
text/html; charset=UTF-8
etag
7382719332125555894
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4731
x-xss-protection
0
age
35014
cache-control
public, max-age=1209600
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137340134-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
4951
date
Fri, 16 Oct 2020 11:49:25 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Fri, 16 Oct 2020 13:49:25 GMT
css
fonts.googleapis.com/ Frame 49F7 		8 KB
790 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5c33786612db2461b16b1148/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
150b6afd03574b0db5e6c489ed0aa2758368c92ee6a8ec474a564dd265aa842c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Oct 2020 12:39:43 GMT
server
ESF
date
Fri, 16 Oct 2020 13:11:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Oct 2020 13:11:56 GMT
css
fonts.googleapis.com/ Frame 1092 		8 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5c33786612db2461b16b1148/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
150b6afd03574b0db5e6c489ed0aa2758368c92ee6a8ec474a564dd265aa842c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Oct 2020 12:43:00 GMT
server
ESF
date
Fri, 16 Oct 2020 13:11:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Oct 2020 13:11:56 GMT
css
fonts.googleapis.com/ Frame 66FB 		8 KB
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5c33786612db2461b16b1148/default
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
150b6afd03574b0db5e6c489ed0aa2758368c92ee6a8ec474a564dd265aa842c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Oct 2020 12:44:40 GMT
server
ESF
date
Fri, 16 Oct 2020 13:11:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Oct 2020 13:11:57 GMT
emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame 66FB 		192 B
511 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5c33786612db2461b16b1148/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2542709
x-cache
HIT, HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
152
etag
W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
x-served-by
cache-fra19180-FRA, cache-hhn4081-HHN
date
Fri, 16 Oct 2020 13:11:57 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame 66FB 		295 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5c33786612db2461b16b1148/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
6819013
x-cache
HIT, HIT
status
200
content-length
53889
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by
cache-fra19161-FRA, cache-hhn4081-HHN
date
Fri, 16 Oct 2020 13:11:57 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
168-r-br.svg
static-v.tawk.to/a-v3/images/bubbles/ Frame BDED 		22 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-v.tawk.to/a-v3/images/bubbles/168-r-br.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6f118535c5bbca36246754dacad64fdbd01a7ce156f43a5438c63227cc1a32
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12561
status
200
vary
Accept-Encoding
cf-request-id
05d322e9710000e007062ba000000001
pragma
public
last-modified
Mon, 15 Jul 2019 17:38:55 GMT
server
cloudflare
etag
W/"5d2cba2f-57ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray
5e320755899de007-FRA
cf-bgj
h2pri
1602853917015
va.tawk.to/register/ 		670 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/register/1602853917015
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5c33786612db2461b16b1148/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b47b42bb27acd5387a617a6d6bd7045ccb4c7dffb28cddda56fea19ebf41cb7f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 16 Oct 2020 13:11:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status
200
vary
Accept-Encoding
cf-request-id
05d322e96a0000c2efd98b1000000001
x-served-by
visitor-application-preemptive-pt9g
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://mirror-h.org
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
5e3207557effc2ef-FRA
access-control-allow-headers
origin, content-type
integrator.js
adservice.google.de/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=mirror-h.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Oct 2020 13:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mirror-h.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Oct 2020 13:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B018 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2872749209857740&output=html&h=90&slotname=6351787879&adk=3242498533&adf=2913177901&pi=t.ma~as.6351787879&w=728&lmt=1602853917&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fmirror-h.org%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602853916888&bpp=14&bdt=598&idt=133&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6772093665928&frm=20&pv=2&ga_vid=1425941616.1602853917&ga_sid=1602853917&ga_hid=2116620102&ga_fc=0&iag=0&icsg=10625679&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726949%2C21067493&oid=3&pvsid=329832709577890&pem=268&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ptQgrKK7E6&p=https%3A//mirror-h.org&dtd=153
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:818::2002 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11535930592144041502/728x90_m3/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11535930592144041502/728x90_m3/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COSb6pKYuewCFWAcBgAdKb8MDg&gqi=HZyJX67cA4eBbai1hJgK&layout=/sadbundle/%24csp%253Der3%24/11535930592144041502/728x90_m3/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2872749209857740&output=html&h=90&slotname=6351787879&adk=3242498533&adf=2913177901&pi=t.ma~as.6351787879&w=728&lmt=1602853917&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fmirror-h.org%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602853916888&bpp=14&bdt=598&idt=133&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6772093665928&frm=20&pv=2&ga_vid=1425941616.1602853917&ga_sid=1602853917&ga_hid=2116620102&ga_fc=0&iag=0&icsg=10625679&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726949%2C21067493&oid=3&pvsid=329832709577890&pem=268&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ptQgrKK7E6&p=https%3A//mirror-h.org&dtd=153
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mirror-h.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mirror-h.org/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11535930592144041502/728x90_m3/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11535930592144041502/728x90_m3/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COSb6pKYuewCFWAcBgAdKb8MDg&gqi=HZyJX67cA4eBbai1hJgK&layout=/sadbundle/%24csp%253Der3%24/11535930592144041502/728x90_m3/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 16 Oct 2020 13:11:57 GMT
server
cafe
content-length
30638
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 16-Oct-2020 13:26:57 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 16 Oct 2020 13:11:57 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201008&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:818::2002 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81e133248d6641fc91d16d71da2871c51cfc651224e21f968060a4f6c5142c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Oct 2020 13:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6963
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1602674900477171"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27594
x-xss-protection
0
expires
Fri, 16 Oct 2020 13:11:57 GMT
collect
www.google-analytics.com/j/ 		1 B
123 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=2116620102&t=pageview&_s=1&dl=https%3A%2F%2Fmirror-h.org%2F&ul=en-us&de=UTF-8&dt=Mirror-h.org%20-%20Hack%20World%20Analyse%20and%20Attack%20Shadow%20System&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=979644262&gjid=131754393&cid=1425941616.1602853917&tid=UA-137340134-2&_gid=2137899605.1602853917&_r=1&gtm=2ou9u1&z=924012270
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Oct 2020 13:11:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://mirror-h.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 759C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2872749209857740&output=html&h=90&slotname=3174960191&adk=809364515&adf=1327086493&pi=t.ma~as.3174960191&w=377&lmt=1602853917&psa=0&guci=1.2.0.0.2.2.0.0&format=377x90&url=https%3A%2F%2Fmirror-h.org%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602853916902&bpp=4&bdt=612&idt=169&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6772093665928&frm=20&pv=1&ga_vid=1425941616.1602853917&ga_sid=1602853917&ga_hid=2116620102&ga_fc=0&iag=0&icsg=44180111&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=977&ady=129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726949%2C21067493&oid=3&pvsid=329832709577890&pem=268&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nbPfzok77x&p=https%3A//mirror-h.org&dtd=173
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:818::2002 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2872749209857740&output=html&h=90&slotname=3174960191&adk=809364515&adf=1327086493&pi=t.ma~as.3174960191&w=377&lmt=1602853917&psa=0&guci=1.2.0.0.2.2.0.0&format=377x90&url=https%3A%2F%2Fmirror-h.org%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602853916902&bpp=4&bdt=612&idt=169&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6772093665928&frm=20&pv=1&ga_vid=1425941616.1602853917&ga_sid=1602853917&ga_hid=2116620102&ga_fc=0&iag=0&icsg=44180111&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=977&ady=129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726949%2C21067493&oid=3&pvsid=329832709577890&pem=268&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nbPfzok77x&p=https%3A//mirror-h.org&dtd=173
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mirror-h.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mirror-h.org/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 16 Oct 2020 13:11:57 GMT
server
cafe
content-length
20084
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 16-Oct-2020 13:26:57 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 16 Oct 2020 13:11:57 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 2C1B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2872749209857740&output=html&h=280&slotname=2268292380&adk=4203921795&adf=3235933448&pi=t.ma~as.2268292380&w=1110&fwrn=4&fwrnh=100&lmt=1602853917&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1110x280&url=https%3A%2F%2Fmirror-h.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602853916906&bpp=1&bdt=616&idt=180&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C377x90&correlator=6772093665928&frm=20&pv=1&ga_vid=1425941616.1602853917&ga_sid=1602853917&ga_hid=2116620102&ga_fc=0&iag=0&icsg=44180111&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726949%2C21067493&oid=3&pvsid=329832709577890&pem=268&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4xeQuDAzJ2&p=https%3A//mirror-h.org&dtd=183
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:818::2002 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2872749209857740&output=html&h=280&slotname=2268292380&adk=4203921795&adf=3235933448&pi=t.ma~as.2268292380&w=1110&fwrn=4&fwrnh=100&lmt=1602853917&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1110x280&url=https%3A%2F%2Fmirror-h.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602853916906&bpp=1&bdt=616&idt=180&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C377x90&correlator=6772093665928&frm=20&pv=1&ga_vid=1425941616.1602853917&ga_sid=1602853917&ga_hid=2116620102&ga_fc=0&iag=0&icsg=44180111&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726949%2C21067493&oid=3&pvsid=329832709577890&pem=268&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4xeQuDAzJ2&p=https%3A//mirror-h.org&dtd=183
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mirror-h.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mirror-h.org/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 16 Oct 2020 13:11:57 GMT
server
cafe
content-length
24810
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 16-Oct-2020 13:26:57 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 16 Oct 2020 13:11:57 GMT
cache-control
private
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601061966610483"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6293
x-xss-protection
0
expires
Fri, 16 Oct 2020 13:11:57 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame CB25 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2872749209857740&output=html&adk=1812271804&adf=3025194257&lmt=1602853917&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmirror-h.org%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602853916929&bpp=1&bdt=639&idt=165&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C377x90%2C1110x280&nras=1&correlator=6772093665928&frm=20&pv=1&ga_vid=1425941616.1602853917&ga_sid=1602853917&ga_hid=2116620102&ga_fc=0&iag=0&icsg=176720446&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726949%2C21067493&oid=3&pvsid=329832709577890&pem=268&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=171
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:818::2002 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2872749209857740&output=html&adk=1812271804&adf=3025194257&lmt=1602853917&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmirror-h.org%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602853916929&bpp=1&bdt=639&idt=165&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C377x90%2C1110x280&nras=1&correlator=6772093665928&frm=20&pv=1&ga_vid=1425941616.1602853917&ga_sid=1602853917&ga_hid=2116620102&ga_fc=0&iag=0&icsg=176720446&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726949%2C21067493&oid=3&pvsid=329832709577890&pem=268&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=171
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mirror-h.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mirror-h.org/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 16 Oct 2020 13:11:57 GMT
server
cafe
content-length
514
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 16-Oct-2020 13:26:57 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 16 Oct 2020 13:11:57 GMT
cache-control
private
runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 9D40 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/217/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mirror-h.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mirror-h.org/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Fri, 16 Oct 2020 12:58:52 GMT
expires
Sat, 16 Oct 2021 12:58:52 GMT
last-modified
Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
785
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
vsb78.tawk.to/s/ 		101 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsb78.tawk.to/s/?k=5f899c1d8483bb5041897c86&u=JEYnZYPOb%2Buq%2FXezibVkMC%2B4OVSWSSXEbj50uNJQUx4Rp3cNQO132sc3f0l%2FBBH3&uv=2&a=5c33786612db2461b16b1148&cver=0&pop=false&jv=694&asver=393&ust=false&EIO=3&transport=polling&__t=NKnYT9Y
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5c33786612db2461b16b1148/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ada31388a68b1e3f644bcc128994b1d962cf10ad9fc1604e3c61376767b98e6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:57 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://mirror-h.org
access-control-allow-credentials
true
cf-ray
5e32075719d0c2ef-FRA
content-length
101
cf-request-id
05d322ea6f0000c2ef4d99e000000001
26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 66FB 		413 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
14456066
x-cache
HIT, HIT
status
200
content-length
413
etag
W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by
cache-fra19122-FRA, cache-hhn4081-HHN
date
Fri, 16 Oct 2020 13:11:57 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
gen_204
pagead2.googlesyndication.com/pagead/ 		0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20201008&jk=329832709577890&bg=!m5ilmLjNAAUZK2QAGVgsL7Ew4YjgXgIAAABhUgAAABMKAFxBlcqPMgkE1Vn4gFIO1-rsVhHjAMHoTy1OwebMUSS30lVisAPejl5J4Iw_jcu-bkNzRYx5yQDrqXoGXqR3K_urHu_HrY1MZkfssYCJ7cvwVexvFBRUiJQUJaciMJkB8nPIcCx4SBVHlz0pHPVp74t7zHlDGAIi65-cHSoE5Ln6EmlSbyHGJ73Ew4OXv88KEZCuuV1w-3gtbr92gIUSJROscNh1MJzsUdS-hgNqdpsaZ7CW7DFpu3dSIV6BgXXJQisi8TyY2N0TtvKjd6tnQ2xDNzRaE6Z2D0hcUqmFiaexXtYwcQgPR-F46wo5QSbEY4l1V9CpD4b16rwMXMYwGT7adlrC5JBO5YJ0Ob8sl860wVrGj26FOOFZScQ1ZzLPbvFs9SV9Tv30ZiQchQYB7bU9CYOifIYHRxx7zRZgOr717x7aoyGL5ozEsz_3qk3g14f_9HgOd_5UTnHeNd-gVKhC9qBSD8WzBUw-MY2vLBg5-LWwBHYyGWzVIDIpQRPBhSAFcyLjg_bZIIADgFh-0X3eM8l6V2n2iTMObSml8oOjZbFqosQTR9ojZWu6aok0nyclBVMKYnInF5e5m7wB92UN-eA1vT7GVJ10aU_xWfmK-6Y_B9uMWrs_-teYB5WailBF24SO8NXvny6rES71RuWN7DGLONCQogpBa6a_yVGLsVSkOwipDzHOEQarMEYP_uXKgqirjp6xnCI3jJtfycDCmM9u25CTGJexyksrlw2Z3UiuUSWg7furYps05gLiqh-M95W11zswlkpcTA7lsst_8w
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:818::2002 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Oct 2020 13:11:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
vsb78.tawk.to/s/ 		77 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsb78.tawk.to/s/?k=5f899c1d8483bb5041897c86&u=JEYnZYPOb%2Buq%2FXezibVkMC%2B4OVSWSSXEbj50uNJQUx4Rp3cNQO132sc3f0l%2FBBH3&uv=2&a=5c33786612db2461b16b1148&cver=0&pop=false&jv=694&asver=393&ust=false&EIO=3&transport=polling&__t=NKnYTCe.0&sid=S0IWEt3H-6QuMavDHRlA
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5c33786612db2461b16b1148/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e942d8e7b5e6a4205b23ee1d0b314cda3e5ac3c1b0083368332139bce83f3538
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:57 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://mirror-h.org
access-control-allow-credentials
true
cf-ray
5e3207585c28c2ef-FRA
content-length
77
cf-request-id
05d322eb330000c2ef6e2fe000000001
v3
va.tawk.to/log-performance/ 		5 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5c33786612db2461b16b1148/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 16 Oct 2020 13:11:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
vary
Accept-Encoding
cf-request-id
05d322ebed0000c2efc3265000000001
x-served-by
visitor-application-preemptive-214q
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://mirror-h.org
access-control-allow-credentials
true
cf-ray
5e3207597f08c2ef-FRA
access-control-allow-headers
origin, content-type
/
vsb78.tawk.to/s/ 		432 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsb78.tawk.to/s/?k=5f899c1d8483bb5041897c86&u=JEYnZYPOb%2Buq%2FXezibVkMC%2B4OVSWSSXEbj50uNJQUx4Rp3cNQO132sc3f0l%2FBBH3&uv=2&a=5c33786612db2461b16b1148&cver=0&pop=false&jv=694&asver=393&ust=false&EIO=3&transport=polling&__t=NKnYTFe&sid=S0IWEt3H-6QuMavDHRlA
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5c33786612db2461b16b1148/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
810948574cb09ed34590234ff330fa7376ecb71e73c0f6dda298ff157008fcfd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 13:11:58 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://mirror-h.org
access-control-allow-credentials
true
cf-ray
5e3207597f0bc2ef-FRA
content-length
432
cf-request-id
05d322ebed0000c2efb7829000000001
/
vsb78.tawk.to/s/ 		2 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsb78.tawk.to/s/?k=5f899c1d8483bb5041897c86&u=JEYnZYPOb%2Buq%2FXezibVkMC%2B4OVSWSSXEbj50uNJQUx4Rp3cNQO132sc3f0l%2FBBH3&uv=2&a=5c33786612db2461b16b1148&cver=0&pop=false&jv=694&asver=393&ust=false&EIO=3&transport=polling&__t=NKnYTNT&sid=S0IWEt3H-6QuMavDHRlA
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5c33786612db2461b16b1148/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mirror-h.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

date
Fri, 16 Oct 2020 13:11:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/html
access-control-allow-origin
https://mirror-h.org
access-control-allow-credentials
true
cf-ray
5e32075c9c9ec2ef-FRA
cf-request-id
05d322eddf0000c2efd9908000000001

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery object| __cfQR object| adsbygoogle object| Tawk_API object| Tawk_LoadStart function| gtag object| dataLayer object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_redemption_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_tag_manager boolean| __cfRLUnblockHandlers object| google_tag_data string| GoogleAnalyticsObject function| ga string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| $_Tawk_LoadStart function| TawkClass object| Inheritance_Manager string| messagePreviewRadius string| bottomBorderRadius string| topBorderRadius number| minWidth number| minHeight string| bodyClassName function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| gaplugins object| gaData object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_image_requests

2 Cookies

Domain/Path Name / Value
mirror-h.org/ Name: PHPSESSID
Value: fu58sosa41ffm1balece7ot23e
.mirror-h.org/ Name: __cfduid
Value: d22ff6ce70699fdc768125b6fdceda0fe1602853916

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.cloudflare.com
ajax.googleapis.com
cdn.jsdelivr.net
embed.tawk.to
fonts.googleapis.com
googleads.g.doubleclick.net
mirror-h.org
pagead2.googlesyndication.com
static-v.tawk.to
tpc.googlesyndication.com
va.tawk.to
vsb78.tawk.to
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
2606:4700:10::6816:1883
2606:4700:10::6816:1983
2606:4700:3030::6818:6f75
2606:4700::6810:a823
2a00:1450:4001:801::2001
2a00:1450:4001:802::200a
2a00:1450:4001:803::2002
2a00:1450:4001:816::2002
2a00:1450:4001:818::2002
2a00:1450:4001:81a::200a
2a00:1450:4001:81b::200e
2a00:1450:4001:824::2008
2a00:1450:4009:818::2002
2a04:4e42:1b::621
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
10c0a5f290ccaa46aff0fb7061c865a96b5879fcc3a0f112b4d292b62f59348b
150b6afd03574b0db5e6c489ed0aa2758368c92ee6a8ec474a564dd265aa842c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b84e09c5a7c3462f1c09bd0f0422d108be6392a1dcf48248430d9f203907eb8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
327ee0325d7fc6424fdee9487353eac1ccea73db53298dfae0dd0c48231b3baa
3ada31388a68b1e3f644bcc128994b1d962cf10ad9fc1604e3c61376767b98e6
44aaee85b78b6bd07f861e4927f147f4ca8b00dc8766fd20ecc88aa612d06fcd
45e57f71db90cee6ebd54ed7bb28cc7fdcbd2f4592ade4998f2bc6458d997b3f
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
548abcd569040be5bc15d2c7f9133d97ffaeabc933e1840c461ab660f5b1a401
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7c6f118535c5bbca36246754dacad64fdbd01a7ce156f43a5438c63227cc1a32
7f84678ed3e898eb7661a2f516be906787100d9cdbda2747e402695c497d9184
810948574cb09ed34590234ff330fa7376ecb71e73c0f6dda298ff157008fcfd
81e133248d6641fc91d16d71da2871c51cfc651224e21f968060a4f6c5142c68
836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56
83cb0e135456270dc21e95cc5f86efffbfbd1e1f2e77cd9b08cd35f9f8f2dda8
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
a84625c99caada9712b528385faf9e5da3bc60c9f1b0a4c400261dacb6e030da
ae2f590b16186b7d21ab525363743665f9979daa9d8014f7391104f1876fcfbc
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b47b42bb27acd5387a617a6d6bd7045ccb4c7dffb28cddda56fea19ebf41cb7f
c53c984d03f8015ddd44f9789c11ced0e09fe86f691cf441585bdf1dfc8e4882
ccecfd8d6955ec585cc23addeff613af78f182f20f520d263bfc682b95cf4b16
d9387b372acec4b3b43903e7597b064818972267299879c050f584f625b122cc
dde9ebaa44f6027c50ab4ebe6372c3f1656f12c7db00cdec8a447cb785fee93a
e06fcbdadc0b72cf9cf8477bb3b1f1dfe22b59abdae824ecbb34fa7fd75f2e9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e942d8e7b5e6a4205b23ee1d0b314cda3e5ac3c1b0083368332139bce83f3538
f30acb57cbee444b375ae99eff7bee63bde6a5e37a9b9d43f36ca6a1d14a42dc
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
fc54af6e5c8237200d49fd6a49061fffeb8a7217bb9000acd1c02039b65b22ba