URL: https://www.mirrored.to/files/JA9EBSEQ/Nero.Burning.ROM-Express.23.0.1.19.rar_links
Submission Tags: falconsandbox
Submission: On February 19 via api from US — Scanned from DE

Summary

This website contacted 15 IPs in 4 countries across 12 domains to perform 31 HTTP transactions. The main IP is 91.195.99.122, located in Bucharest, Romania and belongs to M247, RO. The main domain is www.mirrored.to. The Cisco Umbrella rank of the primary domain is 395432.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 16th 2024. Valid for: 3 months.
This is the only time www.mirrored.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Apex Domain | Subdomains | Transfer
8 | inmobi.com | cmp.inmobi.com (Cisco Umbrella Rank: 4076); api.cmp.inmobi.com (Cisco Umbrella Rank: 13170) | 220 KB
4 | amazon-adsystem.com | c.amazon-adsystem.com (Cisco Umbrella Rank: 303); config.aps.amazon-adsystem.com (Cisco Umbrella Rank: 624) | 76 KB
4 | mirrored.to | www.mirrored.to (Cisco Umbrella Rank: 395432) | 14 KB
3 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 113); securepubads.g.doubleclick.net (Cisco Umbrella Rank: 213) | 165 KB
3 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 45); region1.google-analytics.com (Cisco Umbrella Rank: 2000) | 21 KB
3 | fuseplatform.net | cdn.fuseplatform.net (Cisco Umbrella Rank: 13726) | 137 KB
2 | quantcast.com | cmp.quantcast.com (Cisco Umbrella Rank: 4728) | 446 B
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 52) | 165 KB
1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 353) | 2 KB
1 | google.de | www.google.de (Cisco Umbrella Rank: 5654) | 408 B
1 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 408 B
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 434) | 32 KB
31 | 12

Count | Domain | Requested by
7 | cmp.inmobi.com | www.mirrored.to; cmp.quantcast.com; cmp.inmobi.com
4 | www.mirrored.to | www.mirrored.to
3 | c.amazon-adsystem.com | cdn.fuseplatform.net; c.amazon-adsystem.com
3 | cdn.fuseplatform.net | www.mirrored.to; cdn.fuseplatform.net
2 | securepubads.g.doubleclick.net | cdn.fuseplatform.net; securepubads.g.doubleclick.net
2 | cmp.quantcast.com | 2 redirects
2 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com
2 | www.googletagmanager.com | www.mirrored.to; www.googletagmanager.com
1 | api.cmp.inmobi.com | cmp.inmobi.com
1 | config.aps.amazon-adsystem.com | c.amazon-adsystem.com
1 | cdn.jsdelivr.net | cdn.fuseplatform.net
1 | www.google.de | www.mirrored.to
1 | www.google.com | www.mirrored.to
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | ajax.googleapis.com | www.mirrored.to
31 | 16

This site contains links to these domains.

Domain
twitter.com

Subject | Issuer | Validity | Valid
mirrored.to | cPanel, Inc. Certification Authority | 2024-02-16 - 2024-05-16 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
cdn.fuseplatform.net | R3 | 2023-12-20 - 2024-03-19 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
www.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
www.google.de | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
c.amazon-adsystem.com | Amazon RSA 2048 M01 | 2023-12-30 - 2024-12-04 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
config.aps.amazon-adsystem.com | Amazon RSA 2048 M02 | 2024-01-21 - 2025-02-19 | a year
cmp.inmobi.com | Sectigo ECC Organization Validation Secure Server CA | 2023-08-18 - 2024-08-17 | a year

This page contains 1 frame:

Primary Page: https://www.mirrored.to/files/JA9EBSEQ/Nero.Burning.ROM-Express.23.0.1.19.rar_links
Frame ID: B615CFE62B29AF690191FD90E35338A6
Requests: 31 HTTP requests in this frame

Page Title

Nero.Burning.ROM-Express.23.0.1.19.rar - Mirrored.to - Mirrorcreator - Upload files to multiple hosts

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 31
HTTPS: 94 %
IPv6: 69 %
Domains: 12
Subdomains: 16
IPs: 15
Countries: 4
Transfer: 832 kB
Size: 3132 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.mirrored.to/choice.js?tag_version=V2 HTTP 301
  • https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/www.mirrored.to/choice.js?tag_version=V2
Request Chain 20
  • https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.mirrored.to/choice.js?tag_version=V2 HTTP 301
  • https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/www.mirrored.to/choice.js?tag_version=V2

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Nero.Burning.ROM-Express.23.0.1.19.rar_links
www.mirrored.to/files/JA9EBSEQ/
14 KB
5 KB
Document
General
Full URL
https://www.mirrored.to/files/JA9EBSEQ/Nero.Burning.ROM-Express.23.0.1.19.rar_links
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.195.99.122 Bucharest, Romania, ASN9009 (M247, RO),
Reverse DNS
mirrored.to
Software
Apache /
Resource Hash
2978bf79a93ca7d572e8ba5673e75a7e297c8520876d846c8b3e9f3bc5aeaa97

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
4417
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Feb 2024 01:44:31 GMT
Keep-Alive
timeout=30, max=2500
Server
Apache
Vary
Accept-Encoding
normalize.css
www.mirrored.to/templates/mirrored/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.mirrored.to/templates/mirrored/css/normalize.css
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/JA9EBSEQ/Nero.Burning.ROM-Express.23.0.1.19.rar_links
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.195.99.122 Bucharest, Romania, ASN9009 (M247, RO),
Reverse DNS
mirrored.to
Software
Apache /
Resource Hash
d5963ecbf1db726386f0557788a4e8edcf4fc3b25e75e55898c1ce0fd9953230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/files/JA9EBSEQ/Nero.Burning.ROM-Express.23.0.1.19.rar_links
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Mon, 19 Feb 2024 01:44:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Jul 2018 09:32:09 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=2499
Content-Length
1710
min-style_dl.css
www.mirrored.to/templates/mirrored/css/
25 KB
6 KB
Stylesheet
General
Full URL
https://www.mirrored.to/templates/mirrored/css/min-style_dl.css?v=6.62
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/JA9EBSEQ/Nero.Burning.ROM-Express.23.0.1.19.rar_links
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.195.99.122 Bucharest, Romania, ASN9009 (M247, RO),
Reverse DNS
mirrored.to
Software
Apache /
Resource Hash
941b74c61526e7e762df7962b3ca1f14562ae70057b963bbda79c3281ae97449

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/files/JA9EBSEQ/Nero.Burning.ROM-Express.23.0.1.19.rar_links
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Mon, 19 Feb 2024 01:44:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Jan 2023 15:27:27 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=2498
Content-Length
5876
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.4/
90 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/JA9EBSEQ/Nero.Burning.ROM-Express.23.0.1.19.rar_links
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
493080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32222
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:46:31 GMT
fuse.js
cdn.fuseplatform.net/publift/tags/2/2217/
223 KB
59 KB
Script
General
Full URL
https://cdn.fuseplatform.net/publift/tags/2/2217/fuse.js
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/JA9EBSEQ/Nero.Burning.ROM-Express.23.0.1.19.rar_links
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
448bb4a98d6e073a40c8d0495369ad72c06a8f11ee38e73148121c2f0f337757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 01:44:32 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 07:22:16 GMT
server
AkamaiNetStorage
etag
"50d97c885e16d393c9c6b28ca054cfbe:1692256936.162709"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1800
accept-ranges
bytes
content-length
60011
expires
Mon, 19 Feb 2024 02:14:32 GMT
js
www.googletagmanager.com/gtag/
192 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-8586142-1
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/JA9EBSEQ/Nero.Burning.ROM-Express.23.0.1.19.rar_links
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a14bc2fce5face35381ee1e9bea31e11463d1416fe694e783c94e77ed05c673
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 01:44:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
70919
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 19 Feb 2024 01:44:31 GMT
EN.png
www.mirrored.to/templates/mirrored/images/lang/
765 B
1 KB
Image
General
Full URL
https://www.mirrored.to/templates/mirrored/images/lang/EN.png
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/JA9EBSEQ/Nero.Burning.ROM-Express.23.0.1.19.rar_links
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.195.99.122 Bucharest, Romania, ASN9009 (M247, RO),
Reverse DNS
mirrored.to
Software
Apache /
Resource Hash
6e9e9281d32d8730c476f6b15142000f649937da3ec328c73487462cdb49c16c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/files/JA9EBSEQ/Nero.Burning.ROM-Express.23.0.1.19.rar_links
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Mon, 19 Feb 2024 01:44:31 GMT
Last-Modified
Fri, 19 Oct 2012 08:23:30 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=2497
Content-Length
765
js
www.googletagmanager.com/gtag/
290 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K340681DZN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8586142-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3db24c2015ace33ac791982f8d47e380cd42bc1288d2a7218d8589c66e1eb4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 01:44:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97361
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 19 Feb 2024 01:44:32 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8586142-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 19 Feb 2024 01:30:40 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
832
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 19 Feb 2024 03:30:40 GMT
collect
www.google-analytics.com/j/
2 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=438968829&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mirrored.to%2Ffiles%2FJA9EBSEQ%2FNero.Burning.ROM-Express.23.0.1.19.rar_links&ul=en-us&de=UTF-8&dt=Nero.Burning.ROM-Express.23.0.1.19.rar%20-%20Mirrored.to%20-%20Mirrorcreator%20-%20Upload%20files%20to%20multiple%20hosts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=123680668&gjid=843050590&cid=946032824.1708307072&tid=UA-8586142-1&_gid=1552992769.1708307072&_r=1&gtm=457e42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=1716473945
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mirrored.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Feb 2024 01:44:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mirrored.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-K340681DZN&gtm=45je42e0v9103961777za200&_p=1708307071932&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=946032824.1708307072&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1708307072&sct=1&seg=0&dl=https%3A%2F%2Fwww.mirrored.to%2Ffiles%2FJA9EBSEQ%2FNero.Burning.ROM-Express.23.0.1.19.rar_links&dt=Nero.Burning.ROM-Express.23.0.1.19.rar%20-%20Mirrored.to%20-%20Mirrorcreator%20-%20Upload%20files%20to%20multiple%20hosts&en=page_view&_fv=1&_ss=1&tfd=538
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K340681DZN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Feb 2024 01:44:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mirrored.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
349 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8586142-1&cid=946032824.1708307072&jid=123680668&gjid=843050590&_gid=1552992769.1708307072&_u=YEBAAUAAAAAAACAAI~&z=319141965
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mirrored.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 19 Feb 2024 01:44:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mirrored.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8586142-1&cid=946032824.1708307072&jid=123680668&_u=YEBAAUAAAAAAACAAI~&z=1290305243
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/JA9EBSEQ/Nero.Burning.ROM-Express.23.0.1.19.rar_links
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Feb 2024 01:44:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8586142-1&cid=946032824.1708307072&jid=123680668&_u=YEBAAUAAAAAAACAAI~&z=1290305243
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/JA9EBSEQ/Nero.Burning.ROM-Express.23.0.1.19.rar_links
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Feb 2024 01:44:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
choice.js
cmp.inmobi.com/choice/PRrmquD1Ggcb1/www.mirrored.to/
Redirect Chain
  • https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.mirrored.to/choice.js?tag_version=V2
  • https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/www.mirrored.to/choice.js?tag_version=V2
4 KB
2 KB
XHR
General
Full URL
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/www.mirrored.to/choice.js?tag_version=V2
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/JA9EBSEQ/Nero.Burning.ROM-Express.23.0.1.19.rar_links
Protocol
H2
Server
2600:9000:214f:1200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
279f08c535f189268a3e31b8cfb53d22467446e81b137b087d6886a33cd29a35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 01:44:32 GMT
content-encoding
br
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Sun, 19 Nov 2023 22:38:05 GMT
server
AmazonS3
etag
W/"692eeda9f4a07c09f87beca2a6c12274"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-amz-cf-id
18iSR4UQZAhtCjsQAXVLb4PH8_3zrKuv9HD-2KVM-3RZiUcXh0SZTQ==

Redirect headers

date
Mon, 19 Feb 2024 01:44:32 GMT
server
awselb/2.0
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
location
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/www.mirrored.to/choice.js?tag_version=V2
access-control-allow-origin
*
cache-control
max-age=900
content-length
0
prebid-04f2f691bc386dd54103450eea33fc7a.js
cdn.fuseplatform.net/prebid/
250 KB
78 KB
Script
General
Full URL
https://cdn.fuseplatform.net/prebid/prebid-04f2f691bc386dd54103450eea33fc7a.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2217/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f87f9fff76a33b37e1c83417c74036e1c9a033da14821f174d356f593c5cee9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 01:44:32 GMT
content-encoding
gzip
last-modified
Wed, 19 Apr 2023 06:15:12 GMT
server
AkamaiNetStorage
etag
"850c5ef1bafa24259d836d70beb62f72:1681884912.783818"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400000
accept-ranges
bytes
content-length
79108
expires
Sun, 15 Nov 2026 01:44:32 GMT
apstag.js
c.amazon-adsystem.com/aax2/
287 KB
71 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2217/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-210.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ef56a843eaeea072e78aa174bcb41ea0b4eacc38bb472f37cf8cb5d22108578

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 00:52:24 GMT
content-encoding
gzip
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 20:28:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
3129
x-amz-server-side-encryption
AES256
etag
W/"39a6e4e395af0da8e1832e836548faa1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
gHkdQU82-QBvMJF3aikBFO41gUqabgcVZbrBoympsoifkgReDbbDGg==
gpt.js
securepubads.g.doubleclick.net/tag/js/
98 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2217/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8cb53476a57e2ddafd86eb30357879acd266490bccdaa3dd0e209cb6c1f2e2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 01:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29450
x-xss-protection
0
server
cafe
etag
389 / 19772 / 31081246 / config-hash: 11148296534494914191
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 19 Feb 2024 01:44:32 GMT
noconsent
cdn.fuseplatform.net/telemetry/
1 B
268 B
Fetch
General
Full URL
https://cdn.fuseplatform.net/telemetry/noconsent?v=1&ttm=1708307072308&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=7a794983-f54f-5d41-b3a3-ff37ab286e3d&fid=2217&pubid=7&url=https%3A%2F%2Fwww.mirrored.to%2Ffiles%2FJA9EBSEQ%2FNero.Burning.ROM-Express.23.0.1.19.rar_links&sid=ebd46e4d86a1e0d4d43e&srate=100&adserver=gpt&etm=710&e=fuse-load&tenant=publift
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2217/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 01:44:32 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 11:31:51 GMT
server
AkamaiNetStorage
etag
"9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
text/plain
access-control-allow-origin
https://www.mirrored.to
cache-control
max-age=1800
accept-ranges
bytes
content-length
21
expires
Mon, 19 Feb 2024 02:14:32 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240219
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-04f2f691bc386dd54103450eea33fc7a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56f9f72d510fbbedf70de446e38e2806b2b3102598c175d2a7cc3a18d76309d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mirrored.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Feb 2024 01:44:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
35023
x-jsd-version
1.0.1970
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-lga21962-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"641-Y38PRLyxben6KXyxHtFO6M8uo8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZhKFmIkRGSMh4GLYH70f3O6qhD6f3bBcbUBGBR9Pt%2BzIOe%2BfhzgX4pQMOqKOhH7u5axGc63mMoNkLzqWdw4RFz0B82TrYZlpZGz2wpoeA1uOy1cmLrkksppmJQyDWgeZD38KzCSO064IjCjsgW0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
857ad34238c86ace-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/
429 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js?cb=31081246
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f530dc6724889ca2261d21dc7a8a8165e025a77aae89905249de90eee518287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 11:31:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
51184
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138090
x-xss-protection
0
server
cafe
etag
14352082441515359041
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 17 Feb 2025 11:31:28 GMT
choice.js
cmp.inmobi.com/choice/PRrmquD1Ggcb1/www.mirrored.to/
Redirect Chain
  • https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.mirrored.to/choice.js?tag_version=V2
  • https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/www.mirrored.to/choice.js?tag_version=V2
4 KB
2 KB
Script
General
Full URL
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/www.mirrored.to/choice.js?tag_version=V2
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/JA9EBSEQ/Nero.Burning.ROM-Express.23.0.1.19.rar_links
Protocol
H2
Server
2600:9000:214f:1200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
279f08c535f189268a3e31b8cfb53d22467446e81b137b087d6886a33cd29a35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 01:44:32 GMT
content-encoding
br
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
last-modified
Sun, 19 Nov 2023 22:38:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
6
x-amz-server-side-encryption
AES256
etag
W/"692eeda9f4a07c09f87beca2a6c12274"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
mhLQpkI8u_RTVPtIarY0YSodEZDtTntyl8MG8-zwgWusdx9BDARUvA==

Redirect headers

date
Mon, 19 Feb 2024 01:44:32 GMT
server
awselb/2.0
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
location
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/www.mirrored.to/choice.js?tag_version=V2
access-control-allow-origin
*
cache-control
max-age=900
content-length
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-210.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
date
Sun, 18 Feb 2024 05:33:41 GMT
x-amz-cf-pop
FRA56-P3
age
72652
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
c9lekUbUXOOiEB7_QgmPqul1GPb2xHGFlGp4qSuVnSxuKhn_8W6vKg==
8b48e249-e9e6-4a52-8b48-396ea93403e8
config.aps.amazon-adsystem.com/configs/
564 B
831 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/8b48e249-e9e6-4a52-8b48-396ea93403e8
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-39.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
b7107cc90112b3568606553b46a6f28d595921332a43bfceb1f25e4e31d124e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 01:07:45 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2207
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
UYdKxxN4zjVbfAMBySh6JyiTRoyNTl4Gd-EBVWxmX9mBAaYGxDyYGg==
config
c.amazon-adsystem.com/cdn/prod/
0
310 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.mirrored.to&pubid=8b48e249-e9e6-4a52-8b48-396ea93403e8
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-210.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 21:22:18 GMT
via
1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
15734
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.mirrored.to
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
zm7_RsNu1cysGoIabPClDkag8aWsS6WQZM6NKlhYlKC18Ph6lssr3Q==
cmp2.js
cmp.inmobi.com/tcfv2/
158 KB
41 KB
Script
General
Full URL
https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.mirrored.to
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.mirrored.to/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abe4ea2424cdaed8834843c5b9a05d8da6dc734cbbef28e1e50944e450c3577b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 01:38:35 GMT
content-encoding
br
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
358
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 16 Feb 2024 01:37:37 GMT
server
AmazonS3
etag
W/"77b0ce87a9e9840c4ee9c2c84a77db2a"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
Ez8CwWaB3tQVfipuWo8QETesE6L2iMnbr1OP0sNwYZrMaTiG5_XPIw==
cmp-list.json
cmp.inmobi.com/GVL-v2/
17 KB
4 KB
XHR
General
Full URL
https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.mirrored.to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
188c2f1edbba715c6a440784ba9965d215dd9dd63091daf83a435e74a84ffa06

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mirrored.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 03:00:45 GMT
content-encoding
br
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
81828
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 18 Feb 2024 03:00:42 GMT
server
AmazonS3
etag
W/"c4d0dfdbe70ccfd0f67384f0a209f01c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
cyARD5g-lBzbt6q818osD01bSg1fBPY6t0doUlNgKKHcI1XB3WW57w==
cmp2ui-en.js
cmp.inmobi.com/tcfv2/51/
280 KB
68 KB
Script
General
Full URL
https://cmp.inmobi.com/tcfv2/51/cmp2ui-en.js
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.mirrored.to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38392e0296c54ff4fe6b1ca456e338d040f70daa98793f5572886c936ed4d779

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 01:38:08 GMT
content-encoding
br
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
86785
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 16 Feb 2024 01:37:33 GMT
server
AmazonS3
etag
W/"21f7122061220b9f4272e31f70850bfc"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
_Ovys61rkqKbRAWfxlfo2J0Ghk4iimXGJkyWy2KxLShOJ-QWPPJtgQ==
vendor-list-trimmed-v1.json
cmp.inmobi.com/GVL-v3/
563 KB
70 KB
XHR
General
Full URL
https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.mirrored.to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f58245e7a0f6611c94c8c36a159e84dec547a35d4bcaed7a87bf9b4616d7d814

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 23:59:22 GMT
content-encoding
gzip
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
6310
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 15 Feb 2024 23:59:21 GMT
server
AmazonS3
etag
W/"99a1dbc42a638fecefab832e14e70843"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding
x-amz-cf-id
xwI4iF_YEesTEXJtaWj5kvsmGnv9W5HA-9PrnVXBjyI6U8nHBou5bA==
google-atp-list.json
cmp.inmobi.com/tcfv2/
142 KB
33 KB
XHR
General
Full URL
https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.mirrored.to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8712084b7d90ddc62c0e5c67d4f8d0f7cf0f96a7a0456d9ed21e24e835675cd3

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mirrored.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 03:00:26 GMT
content-encoding
br
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
81847
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 18 Feb 2024 03:00:25 GMT
server
AmazonS3
etag
W/"a5555c4dbdb04923b9945ea06145b0cb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
jP_wPfEsz3ns_P6wj16cpd_JAQAH1r8zfwaAoJYdsHLpQvtPoW7eJQ==
/
api.cmp.inmobi.com/
2 B
101 B
XHR
General
Full URL
https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%22PRrmquD1Ggcb1%22%2C%22domain%22%3A%22www.mirrored.to%22%2C%22publisher%22%3A%22Mirrored%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.51%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22O1w%2Fmz9iR91kik1VvTkE%2Bw%22%2C%22tagVersion%22%3A%22V2%22%2C%22gvlVersion%22%3A3%2C%22clientTimestamp%22%3A1708307072593%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-2ubf6fjip9zq61ma8usn%22%7D
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/51/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.153.172.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-153-172-61.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mirrored.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Feb 2024 01:44:32 GMT
content-length
2
content-type
text/plain; charset=utf-8


35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| antiClickjack
function| openNav
function| closeNav
function| $
function| jQuery
function| gtag
object| dataLayer
undefined| pageTracker
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData
function| onYouTubeIframeAPIReady
object| fusePbjs
object| fusetag
function| __tcfapi
object| apstag
object| googletag
object| fusePbjsChunk
object| _pbjsGlobals
object| pbjs
object| ggeac
object| google_js_reporting_queue
object| _aps
boolean| apstagLOADED
object| apscustom
undefined| google_measure_js_timing
object| google_reactive_ads_global_state
object| regeneratorRuntime
function| __tcfapiui
function| __uspapi

8 Cookies

Domain/Path Name Value
www.mirrored.to/files/JA9EBSEQ lang en
www.mirrored.to/ int_ad1 yes
www.mirrored.to/ int_ad2 yes
.mirrored.to/ _gid GA1.2.1552992769.1708307072
.mirrored.to/ _gat_gtag_UA_8586142_1 1
.mirrored.to/ _ga GA1.1.946032824.1708307072
.mirrored.to/ _ga_K340681DZN GS1.1.1708307072.1.0.1708307072.0.0.0
cdn.fuseplatform.net/ akacd_mirrored 1710899072~rv=33~id=c4b44a8e6b167ace972fc233fd973978

2 Console Messages

Source Level URL
Text
other warning URL: https://www.mirrored.to/files/JA9EBSEQ/Nero.Burning.ROM-Express.23.0.1.19.rar_links
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.mirrored.to/files/JA9EBSEQ/Nero.Burning.ROM-Express.23.0.1.19.rar_links
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
